Limit permissions and include missing certificates in security tests (#418)

* Update backdoor security tests' descriptions

Signed-off-by: tempate <danieldiaz@eprosima.com>

* Different certificates for the publisher & subscriber in backdoor test

Signed-off-by: tempate <danieldiaz@eprosima.com>

* Different certificates for the publisher & subscriber in backdoor_dds test

Signed-off-by: tempate <danieldiaz@eprosima.com>

* Update secure_trespassing's test description

Signed-off-by: tempate <danieldiaz@eprosima.com>

* Different certificates for the publisher & subscriber in secure_trespassing test

Signed-off-by: tempate <danieldiaz@eprosima.com>

* Add note to explain Fast-DDS's security warnings

Signed-off-by: tempate <danieldiaz@eprosima.com>

* Update secure_wan's test description

Signed-off-by: tempate <danieldiaz@eprosima.com>

* Different certificates for the publisher & subscriber in secure_wan tests

Signed-off-by: tempate <danieldiaz@eprosima.com>

* Remove README files

Signed-off-by: tempate <danieldiaz@eprosima.com>

* Restrict permissions

Signed-off-by: tempate <danieldiaz@eprosima.com>

* Apply suggestions

Signed-off-by: tempate <danieldiaz@eprosima.com>

---------

Signed-off-by: tempate <danieldiaz@eprosima.com>

Author: tempate

ddsrouter_test/compose/test_cases/security/backdoor/README.md

@@ -1,9 +1,9 @@
 MIME-Version: 1.0
-Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----A88C8EFF7EB58DF8BE6B769F5330054A"
+Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="sha-256"; boundary="----2E59600AC192FF720C24020D1C9F2220"
 
 This is an S/MIME signed message
 
-------A88C8EFF7EB58DF8BE6B769F5330054A
+------2E59600AC192FF720C24020D1C9F2220
 Content-Type: text/plain
 
 <?xml version="1.0" encoding="utf-8"?>
@@ -37,34 +37,35 @@ Content-Type: text/plain
     </domain_access_rules>
 </dds>
 
-------A88C8EFF7EB58DF8BE6B769F5330054A
+------2E59600AC192FF720C24020D1C9F2220
 Content-Type: application/x-pkcs7-signature; name="smime.p7s"
 Content-Transfer-Encoding: base64
 Content-Disposition: attachment; filename="smime.p7s"
 
-MIIETAYJKoZIhvcNAQcCoIIEPTCCBDkCAQExDzANBglghkgBZQMEAgEFADALBgkq
-hkiG9w0BBwGgggIXMIICEzCCAbkCFDLOtK+nDs16QK7x/A3ZsoTWkjo0MAoGCCqG
+MIIETQYJKoZIhvcNAQcCoIIEPjCCBDoCAQExDzANBglghkgBZQMEAgEFADALBgkq
+hkiG9w0BBwGgggIYMIICFDCCAbkCFHjAZLtrznIa1wXHcSPb4WUwpIeJMAoGCCqG
 SM49BAMCMIGLMQswCQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1Ry
 ZXMgQ2FudG9zMREwDwYDVQQKDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEg
 TWFpbiBUZXN0IENBMSYwJAYJKoZIhvcNAQkBFhdyb3V0ZXJ0ZXN0QGVwcm9zaW1h
-LmNvbTAeFw0yMzA2MDIwOTE5MDBaFw0zMzA1MzAwOTE5MDBaMIGLMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMjcwODU5MjhaFw0zMzEyMjQwODU5MjhaMIGLMQswCQYDVQQG
 EwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9zMREwDwYDVQQK
 DAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0IENBMSYwJAYJ
 KoZIhvcNAQkBFhdyb3V0ZXJ0ZXN0QGVwcm9zaW1hLmNvbTBZMBMGByqGSM49AgEG
-CCqGSM49AwEHA0IABCO7Dp5gXZIynjsVkg2+72MYzfet8UbmFV1qR4fbaDf7g4ic
-56ypmz80jYXz+Yq7WWxrzZwQb7A+CUhjk9E3mN4wCgYIKoZIzj0EAwIDSAAwRQIh
-AJtOH5gtatFD63jKLtzGi4EOw3SK+201k6AVXkNkfuA0AiAaFmHO12hrSgwNwQli
-awNUVe4ftXrKB3ZZ9SiFJW4snzGCAfkwggH1AgEBMIGkMIGLMQswCQYDVQQGEwJF
-UzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9zMREwDwYDVQQKDAhl
-UHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0IENBMSYwJAYJKoZI
-hvcNAQkBFhdyb3V0ZXJ0ZXN0QGVwcm9zaW1hLmNvbQIUMs60r6cOzXpArvH8Ddmy
-hNaSOjQwDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEH
-ATAcBgkqhkiG9w0BCQUxDxcNMjMwNjAyMDkxOTAwWjAvBgkqhkiG9w0BCQQxIgQg
-qIbZ+sJhz6nFaocUuXIk3FmzrCCLKFNEM6gMln3FAYAweQYJKoZIhvcNAQkPMWww
-ajALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggqhkiG
-9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYI
-KoZIhvcNAwICASgwCgYIKoZIzj0EAwIERzBFAiEAyMXGl6HGJE/4SXLnaR6AYtFu
-KyKFQlsKPd1SyXsW4pICIBWe+VJf/Hnb3j36gxzHpu2FaCctwE9yk+1iUkwfm6mD
+CCqGSM49AwEHA0IABIvcM1UGEFwrWD44VJfQEnPBG7Ws4MYKTaO3IpuVqdmgDdW8
+mOq9Mhg5wp5jH9r+h4ECJAV0l0DZaknUcA9aSGcwCgYIKoZIzj0EAwIDSQAwRgIh
+AJHSdoa0YO6zpIMt8UlLHIZmm6rRxY+1qAEjv0DuUA5KAiEArLS5gjEJCAnyzOns
+2rvkoyoQcr/O/R+LY2HjXExEeFsxggH5MIIB9QIBATCBpDCBizELMAkGA1UEBhMC
+RVMxCzAJBgNVBAgMAk1BMRQwEgYDVQQHDAtUcmVzIENhbnRvczERMA8GA1UECgwI
+ZVByb3NpbWExHjAcBgNVBAMMFWVQcm9zaW1hIE1haW4gVGVzdCBDQTEmMCQGCSqG
+SIb3DQEJARYXcm91dGVydGVzdEBlcHJvc2ltYS5jb20CFHjAZLtrznIa1wXHcSPb
+4WUwpIeJMA0GCWCGSAFlAwQCAQUAoIHkMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B
+BwEwHAYJKoZIhvcNAQkFMQ8XDTIzMTIyNzA4NTkyOFowLwYJKoZIhvcNAQkEMSIE
+IKiG2frCYc+pxWqHFLlyJNxZs6wgiyhTRDOoDJZ9xQGAMHkGCSqGSIb3DQEJDzFs
+MGowCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBFjALBglghkgBZQMEAQIwCgYIKoZI
+hvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0G
+CCqGSIb3DQMCAgEoMAoGCCqGSM49BAMCBEcwRQIgYoznhxZ3NrLE7/+aN7WkcL9R
+gVOHBXc58pBFDFcllhQCIQDGZ+LSXC+hYZV4OhJom3O5yoOy1sh3KhW9TN0CQ0FV
+Mw==
 
-------A88C8EFF7EB58DF8BE6B769F5330054A--
+------2E59600AC192FF720C24020D1C9F2220--
 

ddsrouter_test/compose/test_cases/security/backdoor/certs/governance.smime

@@ -0,0 +1,41 @@
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            20:c8:db:5e:dc:f2:72:70:b0:f8:d0:87:69:a9:ac:37:86:b5:92:11
+        Signature Algorithm: ecdsa-with-SHA256
+        Issuer: C=ES, ST=MA, L=Tres Cantos, O=eProsima, CN=eProsima Main Test CA/emailAddress=routertest@eprosima.com
+        Validity
+            Not Before: Dec 27 08:59:28 2023 GMT
+            Not After : Dec 24 08:59:28 2033 GMT
+        Subject: C=ES, ST=MA, O=eProsima, CN=BackdoorTestLocalPub/emailAddress=routertest@eprosima.com
+        Subject Public Key Info:
+            Public Key Algorithm: id-ecPublicKey
+                Public-Key: (256 bit)
+                pub:
+                    04:47:b6:53:3e:37:00:07:b5:dc:5d:77:c9:65:cc:
+                    73:8f:f7:fc:1b:d4:c5:e1:d0:fd:c9:33:ec:32:08:
+                    69:c4:ef:59:d8:a4:78:22:26:89:26:97:fd:ef:eb:
+                    17:05:d0:50:f4:0b:8b:60:48:2d:b6:7c:90:bf:b4:
+                    43:3e:95:0d:fd
+                ASN1 OID: prime256v1
+                NIST CURVE: P-256
+    Signature Algorithm: ecdsa-with-SHA256
+    Signature Value:
+        30:46:02:21:00:a8:c1:d8:30:51:9c:1a:05:c3:13:d6:72:2b:
+        bc:57:23:12:c4:2f:2c:94:db:af:e6:6a:b9:3a:09:04:ad:5f:
+        86:02:21:00:d4:21:d8:db:61:e7:ea:e1:cb:b2:d2:a1:56:dd:
+        87:6a:d8:f6:00:89:e9:cc:ee:60:41:79:21:42:34:7e:18:97
+-----BEGIN CERTIFICATE-----
+MIIB/DCCAaECFCDI217c8nJwsPjQh2mprDeGtZIRMAoGCCqGSM49BAMCMIGLMQsw
+CQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9zMREw
+DwYDVQQKDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0IENB
+MSYwJAYJKoZIhvcNAQkBFhdyb3V0ZXJ0ZXN0QGVwcm9zaW1hLmNvbTAeFw0yMzEy
+MjcwODU5MjhaFw0zMzEyMjQwODU5MjhaMHQxCzAJBgNVBAYTAkVTMQswCQYDVQQI
+DAJNQTERMA8GA1UECgwIZVByb3NpbWExHTAbBgNVBAMMFEJhY2tkb29yVGVzdExv
+Y2FsUHViMSYwJAYJKoZIhvcNAQkBFhdyb3V0ZXJ0ZXN0QGVwcm9zaW1hLmNvbTBZ
+MBMGByqGSM49AgEGCCqGSM49AwEHA0IABEe2Uz43AAe13F13yWXMc4/3/BvUxeHQ
+/ckz7DIIacTvWdikeCImiSaX/e/rFwXQUPQLi2BILbZ8kL+0Qz6VDf0wCgYIKoZI
+zj0EAwIDSQAwRgIhAKjB2DBRnBoFwxPWciu8VyMSxC8slNuv5mq5OgkErV+GAiEA
+1CHY22Hn6uHLstKhVt2Hatj2AInpzO5gQXkhQjR+GJc=
+-----END CERTIFICATE-----

ddsrouter_test/compose/test_cases/security/backdoor/certs/local_pub_cert.pem

@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgn0fWT7P7Es0BjtNa
+d5Zh8ZPLLKwiaANuZkQLOGODXlmhRANCAARHtlM+NwAHtdxdd8llzHOP9/wb1MXh
+0P3JM+wyCGnE71nYpHgiJokml/3v6xcF0FD0C4tgSC22fJC/tEM+lQ39
+-----END PRIVATE KEY-----

ddsrouter_test/compose/test_cases/security/backdoor/certs/local_pub_key.pem

@@ -0,0 +1,41 @@
+Certificate:
+    Data:
+        Version: 1 (0x0)
+        Serial Number:
+            20:c8:db:5e:dc:f2:72:70:b0:f8:d0:87:69:a9:ac:37:86:b5:92:12
+        Signature Algorithm: ecdsa-with-SHA256
+        Issuer: C=ES, ST=MA, L=Tres Cantos, O=eProsima, CN=eProsima Main Test CA/emailAddress=routertest@eprosima.com
+        Validity
+            Not Before: Dec 27 08:59:28 2023 GMT
+            Not After : Dec 24 08:59:28 2033 GMT
+        Subject: C=ES, ST=MA, O=eProsima, CN=BackdoorTestLocalSub/emailAddress=routertest@eprosima.com
+        Subject Public Key Info:
+            Public Key Algorithm: id-ecPublicKey
+                Public-Key: (256 bit)
+                pub:
+                    04:0f:f5:6e:33:ed:96:97:57:5e:a4:6a:b0:1e:eb:
+                    79:b2:e5:8e:e4:e6:7a:42:28:b0:07:66:dd:91:2f:
+                    ff:ad:5e:9a:7d:46:47:c7:61:49:7f:63:e6:f8:48:
+                    c8:07:d5:dd:bc:11:bb:6a:d7:14:94:8b:f5:9f:61:
+                    57:32:34:ec:a2
+                ASN1 OID: prime256v1
+                NIST CURVE: P-256
+    Signature Algorithm: ecdsa-with-SHA256
+    Signature Value:
+        30:45:02:20:30:75:9c:70:17:03:9a:84:96:ed:93:13:07:5e:
+        b1:74:8e:b6:7f:7c:28:19:01:73:37:ec:cf:de:0e:6d:c5:6a:
+        02:21:00:99:d3:b1:81:ab:b1:ef:b2:73:ae:5b:48:c0:da:9c:
+        cc:11:c7:c7:65:f6:d4:9c:93:b8:48:79:26:99:f3:d4:61
+-----BEGIN CERTIFICATE-----
+MIIB+zCCAaECFCDI217c8nJwsPjQh2mprDeGtZISMAoGCCqGSM49BAMCMIGLMQsw
+CQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9zMREw
+DwYDVQQKDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0IENB
+MSYwJAYJKoZIhvcNAQkBFhdyb3V0ZXJ0ZXN0QGVwcm9zaW1hLmNvbTAeFw0yMzEy
+MjcwODU5MjhaFw0zMzEyMjQwODU5MjhaMHQxCzAJBgNVBAYTAkVTMQswCQYDVQQI
+DAJNQTERMA8GA1UECgwIZVByb3NpbWExHTAbBgNVBAMMFEJhY2tkb29yVGVzdExv
+Y2FsU3ViMSYwJAYJKoZIhvcNAQkBFhdyb3V0ZXJ0ZXN0QGVwcm9zaW1hLmNvbTBZ
+MBMGByqGSM49AgEGCCqGSM49AwEHA0IABA/1bjPtlpdXXqRqsB7rebLljuTmekIo
+sAdm3ZEv/61emn1GR8dhSX9j5vhIyAfV3bwRu2rXFJSL9Z9hVzI07KIwCgYIKoZI
+zj0EAwIDSAAwRQIgMHWccBcDmoSW7ZMTB16xdI62f3woGQFzN+zP3g5txWoCIQCZ
+07GBq7HvsnOuW0jA2pzMEcfHZfbUnJO4SHkmmfPUYQ==
+-----END CERTIFICATE-----

ddsrouter_test/compose/test_cases/security/backdoor/certs/local_sub_cert.pem

@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg9h7KMTn8VEmIv0mm
+cRnYp3TeRJwDDxHnZ8de8egX5sihRANCAAQP9W4z7ZaXV16karAe63my5Y7k5npC
+KLAHZt2RL/+tXpp9RkfHYUl/Y+b4SMgH1d28Ebtq1xSUi/WfYVcyNOyi
+-----END PRIVATE KEY-----

ddsrouter_test/compose/test_cases/security/backdoor/certs/local_sub_key.pem

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICFDCCAbkCFHjAZLtrznIa1wXHcSPb4WUwpIeJMAoGCCqGSM49BAMCMIGLMQsw
+CQYDVQQGEwJFUzELMAkGA1UECAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9zMREw
+DwYDVQQKDAhlUHJvc2ltYTEeMBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0IENB
+MSYwJAYJKoZIhvcNAQkBFhdyb3V0ZXJ0ZXN0QGVwcm9zaW1hLmNvbTAeFw0yMzEy
+MjcwODU5MjhaFw0zMzEyMjQwODU5MjhaMIGLMQswCQYDVQQGEwJFUzELMAkGA1UE
+CAwCTUExFDASBgNVBAcMC1RyZXMgQ2FudG9zMREwDwYDVQQKDAhlUHJvc2ltYTEe
+MBwGA1UEAwwVZVByb3NpbWEgTWFpbiBUZXN0IENBMSYwJAYJKoZIhvcNAQkBFhdy
+b3V0ZXJ0ZXN0QGVwcm9zaW1hLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA
+BIvcM1UGEFwrWD44VJfQEnPBG7Ws4MYKTaO3IpuVqdmgDdW8mOq9Mhg5wp5jH9r+
+h4ECJAV0l0DZaknUcA9aSGcwCgYIKoZIzj0EAwIDSQAwRgIhAJHSdoa0YO6zpIMt
+8UlLHIZmm6rRxY+1qAEjv0DuUA5KAiEArLS5gjEJCAnyzOns2rvkoyoQcr/O/R+L
+Y2HjXExEeFs=
+-----END CERTIFICATE-----