Secure option with Java build

4 posts / 0 new
Last post
Offline
Last seen: 6 months 2 weeks ago
Joined: 09/19/2023
Posts: 2
Secure option with Java build

Hi,

I have been trying to run the latency and throughput testing under the security enabled feature but was unsucessful with Perftest 4.1 and Connext DDS 6.1.1. I just want to run the test with some security algorithm on UDPv4.

Based on the documentation I've set the:

set NDDSHOME=C:\Users\arekn\Desktop\PulledfromGitHub\PerftestGetResults\rtiperftest\rti_connext_dds-6.1.1

set RTI_PERFTEST_ARCH=i86win64VS2022

set RTI_OPENSSL_PATH=C:\Users\arekn\Desktop\PulledfromGitHub\PerftestGetResults\rtiperftest\rti_connext_dds-6.1.1\third_party\openssl-1.1.1n\x64Win64VS2017\release\bin

 

and then runned the build.bat script accordingly

.\build.bat --platform x64Win64VS2022 --java-build --secure --openssl-home C:\Users\arekn\Desktop\PulledfromGitHub\PerftestGetResults\rtiperftest\rti_connext_dds-6.1.1\third_party\openssl-1.1.1n\x64Win64VS2017\release\bin

 

Then I simply go to the folder with the generated ".jar" being "rtiperftest\bin\release" file and start Publisher as follows:

perftest_java -pub -secureEncryptionAlgorithm rsa

 

but I always get the asked for "SecureGovernanceFile is required when using security." and when I provide it with

perftest_java -pub -secureGovernanceFile C:\Users\arekn\Desktop\PulledfromGitHub\PerftestGetResults\rtiperftest\rti_connext_dds-6.1.1\resource\schema -secureEncryptionAlgorithm rsa

SecureGovernanceFile is required when using security.
RTI Connext DDS Evaluation License issued to City, University of London arkadiusz.nowacki@city.ac.uk For non-production use only.
Expires on 19-oct-2023 See www.rti.com for more information.
RTI Security Plugins Evaluation License issued to City, University of London arkadiusz.nowacki@city.ac.uk For non-production use only.
Expires on 19-oct-2023 See www.rti.com for more information.
[CREATE DP] RTI_Security_AuthenticationData_create:{"DDS:Security:LogTopic":{"f":"10","s":"0","t":{"s":"1695912992","n":"254996717"},"h":"DESKTOP-01IQF7N","i":"0.0.0.0","a":"RTI Secure DDS Application","p":"21600","k":"security","x":[{"DDS":[{"domain_id":"<unknown>"},{"guid":"<unknown>"},{"plugin_class":"Authentication"},{"plugin_method":"RTI_Security_AuthenticationData_create"}]}],"m":"failed to lookup dds.sec.auth.identity_ca. Check prefix and spelling."}}
[CREATE DP] RTI_Security_PluginSuite_create:!create struct DDS_Authentication
[CREATE DP] DDS_DomainParticipantTrustPlugins_initialize:!create security plugin
[CREATE DP] DDS_DomainParticipant_createI:!create builtin trust plugins support
[CREATE DP] DDS_DomainParticipantFactory_create_participant_disabledI:!create participant
Exception in thread "main" com.rti.dds.infrastructure.RETCODE_ERROR: error creating entity
        at com.rti.dds.util.Utilities.rethrow(Utilities.java:93)
        at com.rti.dds.infrastructure.NativeFactoryMixin.create_entityI(NativeFactoryMixin.java:187)
        at com.rti.dds.domain.DomainParticipantFactoryImpl.create_participant(DomainParticipantFactoryImpl.java:287)
        at com.rti.perftest.ddsimpl.RTIDDSImpl.initialize(RTIDDSImpl.java:521)
        at com.rti.perftest.harness.PerfTest.run(PerfTest.java:224)
        at com.rti.perftest.harness.PerfTest.runTest(PerfTest.java:150)
        at com.rti.perftest.ddsimpl.PerfTestLauncher.main(PerfTestLauncher.java:99)

 

I am getting this error message and cannot run the secuirty feature. I am not sure whether I am setting any of the variables incorrectly or java build is not allowed with secuirty.

RTI Perftest Master (RTI Connext DDS 6.1.1)
Exception in thread "main" com.rti.dds.infrastructure.RETCODE_PRECONDITION_NOT_MET: property already exists
        at com.rti.dds.infrastructure.PropertyQosPolicyHelper.add_property(PropertyQosPolicyHelper.java:103)
        at com.rti.perftest.ddsimpl.RTIDDSImpl.configureSecurePlugin(RTIDDSImpl.java:960)
        at com.rti.perftest.ddsimpl.RTIDDSImpl.initialize(RTIDDSImpl.java:461)
        at com.rti.perftest.harness.PerfTest.run(PerfTest.java:224)
        at com.rti.perftest.harness.PerfTest.runTest(PerfTest.java:150)
        at com.rti.perftest.ddsimpl.PerfTestLauncher.main(PerfTestLauncher.java:99)

 

I will apreciate any guidane.

Kind regards

jmorales's picture
Offline
Last seen: 1 month 3 weeks ago
Joined: 08/28/2013
Posts: 60

Hi Arkadius,

-secureGovernanceFile C:\Users\arekn\Desktop\PulledfromGitHub\PerftestGetResults\rtiperftest\rti_connext_dds-6.1.1\resource\schema

I think you put that schema file/folder there, as in RTI Perftest we don't have such file/folder, and it doesn't seem to be a valid governance file. You can find some valid governance files under ${perftest_folder}/resource/secure/signed_PerftestGovernance_*.xml

There you will find several governance files with several configurations, and you can even create your own, but for more detailed information about RTI Connext DDS Secure Governance files, you can check here: https://community.rti.com/static/documentation/connext-dds/7.1.0/doc/manuals/connext_dds_secure/users_manual/p2_core/elements_dds_secure_system.html#governance-and-permissions

Lets try solving that issue first and then we can switch to the next.

Offline
Last seen: 6 months 2 weeks ago
Joined: 09/19/2023
Posts: 2

Hi Javier,

I have tried you suggestion about the governance file and decided to use one, named as "signed_PerftestGovernance_DiscoveryEncryptBoth.xml". I believe you are right with the folder as I have tried this step previously but didn't achieve much.

Currently, I get the error below and I have tried two paths of RTI_OPENSSL_PATH where first one was:

set RTI_OPENSSL_PATH=C:\Users\arekn\Desktop\PulledfromGitHub\PerftestGetResults\rtiperftest\rti_connext_dds-6.1.1\third_party\openssl-1.1.1n\x64Win64VS2017\release\bin

and then the second try was (I have checked a README file suggesting this change):

set RTI_OPENSSL_PATH=C:\Users\arekn\Desktop\PulledfromGitHub\PerftestGetResults\rtiperftest\rti_connext_dds-6.1.1\third_party\openssl-1.1.1n

[CREATE DP] RTI_Security_Util_getfile:OpenSSL function BIO_read_filename failed with error: error:02001003:system library:fopen:No such process
[CREATE DP] RTI_Security_Util_getfile:OpenSSL function BIO_read_filename failed with error: error:20074002:BIO routines:file_ctrl:system lib
[CREATE DP] RTI_Security_Util_uriToStringBuiltin:!failed to read from file ./resource/secure/cacert.pem
[CREATE DP] RTI_Security_Util_uriToStringEx:!convert URI to string
[CREATE DP] RTI_Security_Util_lookupPropertiesEx:!failed to convert to a string from property URI ./resource/secure/cacert.pem
[CREATE DP] RTI_Security_AuthenticationData_create:{"DDS:Security:LogTopic":{"f":"10","s":"0","t":{"s":"1695928610","n":"666991413"},"h":"DESKTOP-01IQF7N","i":"0.0.0.0","a":"RTI Secure DDS Application","p":"22172","k":"security","x":[{"DDS":[{"domain_id":"<unknown>"},{"guid":"<unknown>"},{"plugin_class":"Authentication"},{"plugin_method":"RTI_Security_AuthenticationData_create"}]}],"m":"failed to lookup dds.sec.auth.identity_ca. Check prefix and spelling."}}
[CREATE DP] RTI_Security_PluginSuite_create:!create struct DDS_Authentication
[CREATE DP] DDS_DomainParticipantTrustPlugins_initialize:!create security plugin
[CREATE DP] DDS_DomainParticipant_createI:!create builtin trust plugins support
[CREATE DP] DDS_DomainParticipantFactory_create_participant_disabledI:!create participant
Exception in thread "main" com.rti.dds.infrastructure.RETCODE_ERROR: error creating entity
        at com.rti.dds.util.Utilities.rethrow(Utilities.java:93)
        at com.rti.dds.infrastructure.NativeFactoryMixin.create_entityI(NativeFactoryMixin.java:187)
        at com.rti.dds.domain.DomainParticipantFactoryImpl.create_participant(DomainParticipantFactoryImpl.java:287)
        at com.rti.perftest.ddsimpl.RTIDDSImpl.initialize(RTIDDSImpl.java:521)
        at com.rti.perftest.harness.PerfTest.run(PerfTest.java:224)
        at com.rti.perftest.harness.PerfTest.runTest(PerfTest.java:150)
        at com.rti.perftest.ddsimpl.PerfTestLauncher.main(PerfTestLauncher.java:99)

 

jmorales's picture
Offline
Last seen: 1 month 3 weeks ago
Joined: 08/28/2013
Posts: 60

I think the path should be:

set RTI_OPENSSL_PATH=C:\Users\arekn\Desktop\PulledfromGitHub\PerftestGetResults\rtiperftest\rti_connext_dds-6.1.1\third_party\openssl-1.1.1n\x64Win64VS2017