3. Compatibility

This release of the Security Plugins includes partial support for the DDS Security specification from the Object Management Group (OMG).

The Security Plugins 7.2.0 are interoperable with the Security Plugins 5.2.7 and higher.

Persistence Service databases secured with the Security Plugins 7.2.0 are incompatible with databases generated by versions of Persistence Service older than 7.0.0.

When using the Security Plugins SDK, the required minimum version of CMake is 3.12 if linking dynamically and 3.13 if linking statically.

In release 7.2.0, the Security Plugins are available for use with OpenSSL® 1.1.1, OpenSSL 3.0, and wolfSSL® 5.5. There are separate installation packages for each of these options.

For more information about other backward compatibility issues, see the Migration Guide on the RTI Community Portal (https://community.rti.com/documentation).

3.1. Compatibility with OpenSSL 1.1.1 and 3.0

The Security Plugins 7.2.0 for OpenSSL are API-compatible with OpenSSL 1.1.0 - 1.1.1t, and OpenSSL 3.0. The Security Plugins 7.1.0 have only been tested by RTI using OpenSSL 1.1.1t and 3.0.9.

The Security Plugins SDK has been tested with OpenSSL 1.1.1t and 3.0.9.

Limitations when using OpenSSL

The Security Plugins for OpenSSL 3.0 do not support the OpenSSL Provider API, which is the OpenSSL 3.0 replacement for OpenSSL 1.1’s Engine API. OpenSSL 3.0 no longer supports the Engine API.

3.2. Compatibility with wolfSSL 5.5

The Security Plugins 7.2.0 for wolfSSL have been tested with wolfSSL 5.5.1 on following target platform:

  • QNX® Neutrino® 7.1 systems on Arm® v8 CPUs (RTI architecture: armv8QNX7.1qcc_gpp8.3.0)

Limitations when using wolfSSL

The Security Plugins for wolfSSL are interoperable with the Security Plugins for OpenSSL in most configurations. However, there are some features that are not supported by the Security Plugins for wolfSSL:

  • Diffie-Hellman: The Security Plugins for wolfSSL only support the ECDHE-CEUM+P256 and ECDHE-CEUM+P384 Elliptic Curve Diffie-Hellman (ECDHE) key establishment algorithms.

  • RSASSA-PSS-MGF1SHA256+2048+SHA256: The Security Plugins for wolfSSL support for digital signatures is limited to the RSASSA-PKCS1-V1_5+2048+SHA256, ECDSA-P256+SHA256, and ECDSA-P384+SHA384 algorithms.

  • OpenSSL engines are not supported.