From 19d9363925bd1b68a3483b42e9a43ca6903fa5ca Mon Sep 17 00:00:00 2001 From: AssemblyJohn Date: Mon, 29 Apr 2024 14:59:08 +0300 Subject: [PATCH 1/3] Updated interfaces Signed-off-by: AssemblyJohn --- interfaces/evse_security.yaml | 17 +++++++- lib/staging/ocpp/evse_security_ocpp.cpp | 26 +++++++------ .../EvseSecurity/main/evse_securityImpl.cpp | 23 ++++++----- .../EvseSecurity/main/evse_securityImpl.hpp | 8 ++-- types/evse_security.yaml | 39 ++++++++++++++----- 5 files changed, 79 insertions(+), 34 deletions(-) diff --git a/interfaces/evse_security.yaml b/interfaces/evse_security.yaml index 353d2142e..2078cf32d 100644 --- a/interfaces/evse_security.yaml +++ b/interfaces/evse_security.yaml @@ -103,6 +103,16 @@ cmds: ocsp_response: description: OCSPResponse class as defined in IETF RFC 6960. DER and then base64 encoded type: string + retrieve_ocsp_cache: + description: Command to retrieve the OCSP cache file path of the specified certificate hash + arguments: + certificate_hash_data: + description: Certificate hash data that identifies the certificate for which the cache should be retrieved + type: object + $ref: /evse_security#/CertificateHashData + result: + description: Path of data related to the certificate hash, if present + type: string is_ca_certificate_installed: description: Command that indicates of the given CA certificate type is installed arguments: @@ -135,7 +145,7 @@ cmds: result: description: The certificate signing request in PEM format type: string - get_key_pair: + get_leaf_certificate_info: description: Command to get the paths of the certificate and the respective key arguments: certificate_type: 
@@ -146,10 +156,13 @@ cmds: description: Specifies the encoding of the key type: string $ref: /evse_security#/EncodingFormat + include_ocsp: + description: Specifies whether per-certificate OCSP data is also requested + type: boolean result: description: The response to the requested command type: object - $ref: /evse_security#/GetKeyPairResult + $ref: /evse_security#/GetCertificateInfoResult get_verify_file: description: Command to get the file path of a CA bundle that can be used for verification arguments: diff --git a/lib/staging/ocpp/evse_security_ocpp.cpp b/lib/staging/ocpp/evse_security_ocpp.cpp index e8b942d2c..a7b3e98b1 100644 --- a/lib/staging/ocpp/evse_security_ocpp.cpp +++ b/lib/staging/ocpp/evse_security_ocpp.cpp @@ -91,13 +91,15 @@ std::string EvseSecurity::generate_certificate_signing_request(const ocpp::Certi organization, common, use_tpm); } -std::optional EvseSecurity::get_key_pair(const ocpp::CertificateSigningUseEnum& certificate_type) { - const auto key_pair_response = this->r_security.call_get_key_pair(conversions::from_ocpp(certificate_type), - types::evse_security::EncodingFormat::PEM); - if (key_pair_response.status == types::evse_security::GetKeyPairStatus::Accepted and - key_pair_response.key_pair.has_value()) { - const auto _key_pair = conversions::to_ocpp(key_pair_response.key_pair.value()); - return _key_pair; +std::optional EvseSecurity::get_leaf_certificate_info(const ocpp::CertificateSigningUseEnum& certificate_type, bool include_ocsp) { + const auto info_response = this->r_security.call_get_leaf_certificate_info(conversions::from_ocpp(certificate_type), + types::evse_security::EncodingFormat::PEM, + include_ocsp); + + if (info_response.status == types::evse_security::GetCertificateInfoStatus::Accepted and + info_response.info.has_value()) { + const auto _info = conversions::to_ocpp(info_response.info.value()); + return _info; } else { return std::nullopt; } 
@@ -279,12 +281,14 @@ ocpp::OCSPRequestData to_ocpp(types::evse_security::OCSPRequestData other) { return lhs; } -ocpp::KeyPair to_ocpp(types::evse_security::KeyPair other) { - ocpp::KeyPair lhs; +ocpp::CertificateInfo to_ocpp(types::evse_security::CertificateInfo other) { + ocpp::CertificateInfo lhs; lhs.certificate_path = other.certificate; lhs.certificate_single_path = other.certificate_single; lhs.key_path = other.key; lhs.password = other.password; + lhs.certificate_count = other.certificate_count; + lhs.ocsp = other.ocsp; return lhs; } @@ -440,8 +444,8 @@ types::evse_security::OCSPRequestData from_ocpp(ocpp::OCSPRequestData other) { return lhs; } -types::evse_security::KeyPair from_ocpp(ocpp::KeyPair other) { - types::evse_security::KeyPair lhs; +types::evse_security::CertificateInfo from_ocpp(ocpp::CertificateInfo other) { + types::evse_security::CertificateInfo lhs; lhs.key = other.certificate_path; lhs.certificate = other.key_path; return lhs; diff --git a/modules/EvseSecurity/main/evse_securityImpl.cpp b/modules/EvseSecurity/main/evse_securityImpl.cpp index cd6572464..0bb64120b 100644 --- a/modules/EvseSecurity/main/evse_securityImpl.cpp +++ b/modules/EvseSecurity/main/evse_securityImpl.cpp @@ -77,6 +77,10 @@ void evse_securityImpl::handle_update_ocsp_cache(types::evse_security::Certifica this->evse_security->update_ocsp_cache(conversions::from_everest(certificate_hash_data), ocsp_response); } +std::string evse_securityImpl::handle_retrieve_ocsp_cache(types::evse_security::CertificateHashData& certificate_hash_data) { + return this->evse_security->retrieve_ocsp_cache(conversions::from_everest(certificate_hash_data)); +} + bool evse_securityImpl::handle_is_ca_certificate_installed(types::evse_security::CaCertificateType& certificate_type) { return this->evse_security->is_ca_certificate_installed(conversions::from_everest(certificate_type)); } 
@@ -88,17 +92,18 @@ std::string evse_securityImpl::handle_generate_certificate_signing_request( country, organization, common, use_tpm); } -types::evse_security::GetKeyPairResult -evse_securityImpl::handle_get_key_pair(types::evse_security::LeafCertificateType& certificate_type, - types::evse_security::EncodingFormat& encoding) { - types::evse_security::GetKeyPairResult response; - const auto key_pair = this->evse_security->get_key_pair(conversions::from_everest(certificate_type), - conversions::from_everest(encoding)); +types::evse_security::GetCertificateInfoResult +evse_securityImpl::handle_get_leaf_certificate_info(types::evse_security::LeafCertificateType& certificate_type, + types::evse_security::EncodingFormat& encoding, bool& include_ocsp) { + types::evse_security::GetCertificateInfoResult response; + const auto leaf_info = this->evse_security->get_leaf_certificate_info(conversions::from_everest(certificate_type), + conversions::from_everest(encoding), + include_ocsp); - response.status = conversions::to_everest(key_pair.status); + response.status = conversions::to_everest(leaf_info.status); - if (key_pair.status == evse_security::GetKeyPairStatus::Accepted && key_pair.pair.has_value()) { - response.key_pair = conversions::to_everest(key_pair.pair.value()); + if (leaf_info.status == evse_security::GetCertificateInfoStatus::Accepted && leaf_info.info.has_value()) { + response.info = conversions::to_everest(leaf_info.info.value()); } return response; diff --git a/modules/EvseSecurity/main/evse_securityImpl.hpp b/modules/EvseSecurity/main/evse_securityImpl.hpp index 139bd26a2..f866434cb 100644 --- a/modules/EvseSecurity/main/evse_securityImpl.hpp +++ b/modules/EvseSecurity/main/evse_securityImpl.hpp 
@@ -52,14 +52,16 @@ class evse_securityImpl : public evse_securityImplBase { handle_get_mo_ocsp_request_data(std::string& certificate_chain) override; virtual void handle_update_ocsp_cache(types::evse_security::CertificateHashData& certificate_hash_data, std::string& ocsp_response) override; + virtual std::string + handle_retrieve_ocsp_cache(types::evse_security::CertificateHashData& certificate_hash_data) override; virtual bool handle_is_ca_certificate_installed(types::evse_security::CaCertificateType& certificate_type) override; virtual std::string handle_generate_certificate_signing_request(types::evse_security::LeafCertificateType& certificate_type, std::string& country, std::string& organization, std::string& common, bool& use_tpm) override; - virtual types::evse_security::GetKeyPairResult - handle_get_key_pair(types::evse_security::LeafCertificateType& certificate_type, - types::evse_security::EncodingFormat& encoding) override; + virtual types::evse_security::GetCertificateInfoResult + handle_get_leaf_certificate_info(types::evse_security::LeafCertificateType& certificate_type, + types::evse_security::EncodingFormat& encoding, bool& include_ocsp) override; virtual std::string handle_get_verify_file(types::evse_security::CaCertificateType& certificate_type) override; virtual int handle_get_leaf_expiry_days_count(types::evse_security::LeafCertificateType& certificate_type) override; virtual bool handle_verify_file_signature(std::string& file_path, std::string& signing_certificate, diff --git a/types/evse_security.yaml b/types/evse_security.yaml index 7709aca3b..9f3061459 100644 --- a/types/evse_security.yaml +++ b/types/evse_security.yaml @@ -76,8 +76,8 @@ types: enum: - Accepted - NotFound - GetKeyPairStatus: - description: Status indicates the result of the attempt to retrieve a a keypair + GetCertificateInfoStatus: + description: Status indicates the result of the attempt to retrieve a certificate type: string enum: - Accepted 
@@ -183,7 +183,18 @@ types: minimum: 0 type: object $ref: /evse_security#/OCSPRequestData - KeyPair: + CertificateOCSP: + description: OCSP data related to requested the certificates + type: object + properties: + hash: + description: Hash of certificate linked to the provided data + type: object + ref: /evse_security#/CertificateHashData + ocsp_path: + description: OCSP path of the file containing the data + type: string + CertificateInfo: description: Type that specifies the paths of a certificate and the respective private key type: object required: @@ -200,11 +211,21 @@ types: certificate_single: description: The path of the PEM or DER encoded single certificate type: string + certificate_count: + description: The count of certificates in the chain or 1 if only the single certificate is present + type: integer password: description: Specifies the password for the private key if encrypted type: string - GetKeyPairResult: - description: Response to the command get_key_pair + ocsp: + description: Certificate related OCSP data, if requested + type: array + items: + minimum: 0 + type: object + $ref: /evse_security#/CertificateOCSP + GetCertificateInfoResult: + description: Response to the command get_leaf_certificate_info type: object required: - status @@ -212,9 +233,9 @@ types: status: description: The status of the requested command type: string - $ref: /evse_security#/GetKeyPairStatus - key_pair: - description: The requested key pair + $ref: /evse_security#/GetCertificateInfoStatus + info: + description: The requested info type: object - $ref: /evse_security#/KeyPair + $ref: /evse_security#/CertificateInfo From 79cd3f189becb03efb94300d73a90d67eba24141 Mon Sep 17 00:00:00 2001 From: AssemblyJohn Date: Tue, 30 Apr 2024 15:21:00 +0300 Subject: [PATCH 2/3] Format and fixes 
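Review bot: In the `ocsp` property added to CertificateInfo, `minimum: 0` under `items` is a numeric constraint and has no effect on items of `type: object`. The same pair appears in the context lines just above the new CertificateOCSP type, so it looks carried over from there and can be dropped. The new CertificateOCSP description also needs a wording fix: `OCSP data related to requested the certificates` should read `OCSP data related to the requested certificates`. The `ocsp_path` description would be clearer as `Path of the file containing the OCSP data`.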
Signed-off-by: AssemblyJohn --- lib/staging/ocpp/evse_security_ocpp.cpp | 34 +++++++++--- lib/staging/ocpp/evse_security_ocpp.hpp | 8 +-- modules/EvseSecurity/conversions.cpp | 52 +++++++++++++------ modules/EvseSecurity/conversions.hpp | 6 +-- .../EvseSecurity/main/evse_securityImpl.cpp | 19 ++++--- modules/EvseV2G/connection.cpp | 12 ++--- types/evse_security.yaml | 9 ++-- 7 files changed, 94 insertions(+), 46 deletions(-) diff --git a/lib/staging/ocpp/evse_security_ocpp.cpp b/lib/staging/ocpp/evse_security_ocpp.cpp index a7b3e98b1..45cb4393b 100644 --- a/lib/staging/ocpp/evse_security_ocpp.cpp +++ b/lib/staging/ocpp/evse_security_ocpp.cpp @@ -91,10 +91,10 @@ std::string EvseSecurity::generate_certificate_signing_request(const ocpp::Certi organization, common, use_tpm); } -std::optional EvseSecurity::get_leaf_certificate_info(const ocpp::CertificateSigningUseEnum& certificate_type, bool include_ocsp) { - const auto info_response = this->r_security.call_get_leaf_certificate_info(conversions::from_ocpp(certificate_type), - types::evse_security::EncodingFormat::PEM, - include_ocsp); +std::optional +EvseSecurity::get_leaf_certificate_info(const ocpp::CertificateSigningUseEnum& certificate_type, bool include_ocsp) { + const auto info_response = this->r_security.call_get_leaf_certificate_info( + conversions::from_ocpp(certificate_type), types::evse_security::EncodingFormat::PEM, include_ocsp); if (info_response.status == types::evse_security::GetCertificateInfoStatus::Accepted and info_response.info.has_value()) { 
@@ -281,6 +281,17 @@ ocpp::OCSPRequestData to_ocpp(types::evse_security::OCSPRequestData other) { return lhs; } +ocpp::CertificateOCSP to_ocpp(types::evse_security::CertificateOCSP other) { + ocpp::CertificateOCSP lhs; + lhs.hash = to_ocpp(other.hash); + + if (other.ocsp_path.has_value()) { + lhs.ocsp_path = other.ocsp_path.value(); + } + + return lhs; +} + ocpp::CertificateInfo to_ocpp(types::evse_security::CertificateInfo other) { ocpp::CertificateInfo lhs; lhs.certificate_path = other.certificate; @@ -288,7 +299,13 @@ ocpp::CertificateInfo to_ocpp(types::evse_security::CertificateInfo other) { lhs.key_path = other.key; lhs.password = other.password; lhs.certificate_count = other.certificate_count; - lhs.ocsp = other.ocsp; + + if (other.ocsp.has_value()) { + for (auto& ocsp_data : other.ocsp.value()) { + lhs.ocsp.push_back(to_ocpp(ocsp_data)); + } + } + return lhs; } @@ -446,8 +463,11 @@ types::evse_security::OCSPRequestData from_ocpp(ocpp::OCSPRequestData other) { types::evse_security::CertificateInfo from_ocpp(ocpp::CertificateInfo other) { types::evse_security::CertificateInfo lhs; - lhs.key = other.certificate_path; - lhs.certificate = other.key_path; + lhs.certificate = other.certificate_path; + lhs.certificate_single = other.certificate_single_path; + lhs.certificate_count = other.certificate_count; + lhs.key = other.key_path; + lhs.password = other.password; return lhs; } diff --git a/lib/staging/ocpp/evse_security_ocpp.hpp b/lib/staging/ocpp/evse_security_ocpp.hpp index 24c7088fe..72ca70003 100644 --- a/lib/staging/ocpp/evse_security_ocpp.hpp +++ b/lib/staging/ocpp/evse_security_ocpp.hpp 
@@ -35,7 +35,8 @@ class EvseSecurity : public ocpp::EvseSecurity { std::string generate_certificate_signing_request(const ocpp::CertificateSigningUseEnum& certificate_type, const std::string& country, const std::string& organization, const std::string& common, bool use_tpm) override; - std::optional get_key_pair(const ocpp::CertificateSigningUseEnum& certificate_type) override; + std::optional + get_leaf_certificate_info(const ocpp::CertificateSigningUseEnum& certificate_type, bool include_ocsp) override; bool update_certificate_links(const ocpp::CertificateSigningUseEnum& certificate_type) override; std::string get_verify_file(const ocpp::CaCertificateType& certificate_type) override; int get_leaf_expiry_days_count(const ocpp::CertificateSigningUseEnum& certificate_type) override; @@ -54,7 +55,8 @@ ocpp::DeleteCertificateResult to_ocpp(types::evse_security::DeleteCertificateRes ocpp::CertificateHashDataType to_ocpp(types::evse_security::CertificateHashData other); ocpp::CertificateHashDataChain to_ocpp(types::evse_security::CertificateHashDataChain other); ocpp::OCSPRequestData to_ocpp(types::evse_security::OCSPRequestData other); -ocpp::KeyPair to_ocpp(types::evse_security::KeyPair other); +ocpp::CertificateOCSP to_ocpp(types::evse_security::CertificateOCSP other); +ocpp::CertificateInfo to_ocpp(types::evse_security::CertificateInfo other); types::evse_security::CaCertificateType from_ocpp(ocpp::CaCertificateType other); types::evse_security::LeafCertificateType from_ocpp(ocpp::CertificateSigningUseEnum other); 
@@ -67,7 +69,7 @@ types::evse_security::DeleteCertificateResult from_ocpp(ocpp::DeleteCertificateR types::evse_security::CertificateHashData from_ocpp(ocpp::CertificateHashDataType other); types::evse_security::CertificateHashDataChain from_ocpp(ocpp::CertificateHashDataChain other); types::evse_security::OCSPRequestData from_ocpp(ocpp::OCSPRequestData other); -types::evse_security::KeyPair from_ocpp(ocpp::KeyPair other); +types::evse_security::CertificateInfo from_ocpp(ocpp::CertificateInfo other); }; // namespace conversions diff --git a/modules/EvseSecurity/conversions.cpp b/modules/EvseSecurity/conversions.cpp index eba1adaaf..c7be1131c 100644 --- a/modules/EvseSecurity/conversions.cpp +++ b/modules/EvseSecurity/conversions.cpp @@ -188,12 +188,29 @@ evse_security::OCSPRequestDataList from_everest(types::evse_security::OCSPReques return lhs; } -evse_security::KeyPair from_everest(types::evse_security::KeyPair other) { - evse_security::KeyPair lhs; +evse_security::CertificateOCSP from_everest(types::evse_security::CertificateOCSP other) { + evse_security::CertificateOCSP lhs; + lhs.hash = from_everest(other.hash); + + if (other.ocsp_path.has_value()) { + lhs.ocsp_path = other.ocsp_path.value(); + } + + return lhs; +} + +evse_security::CertificateInfo from_everest(types::evse_security::CertificateInfo other) { + evse_security::CertificateInfo lhs; lhs.key = other.key; lhs.certificate = other.certificate; lhs.certificate_single = other.certificate_single; + lhs.certificate_count = other.certificate_count; lhs.password = other.password; + if (other.ocsp.has_value()) { + for (auto& ocsp_data : other.ocsp.value()) { + lhs.ocsp.push_back(from_everest(ocsp_data)); + } + } return lhs; } 
@@ -346,21 +363,21 @@ types::evse_security::GetInstalledCertificatesStatus to_everest(evse_security::G } } -types::evse_security::GetKeyPairStatus to_everest(evse_security::GetKeyPairStatus other) { +types::evse_security::GetCertificateInfoStatus to_everest(evse_security::GetCertificateInfoStatus other) { switch (other) { - case evse_security::GetKeyPairStatus::Accepted: - return types::evse_security::GetKeyPairStatus::Accepted; - case evse_security::GetKeyPairStatus::Rejected: - return types::evse_security::GetKeyPairStatus::Rejected; - case evse_security::GetKeyPairStatus::NotFound: - return types::evse_security::GetKeyPairStatus::NotFound; - case evse_security::GetKeyPairStatus::NotFoundValid: - return types::evse_security::GetKeyPairStatus::NotFoundValid; - case evse_security::GetKeyPairStatus::PrivateKeyNotFound: - return types::evse_security::GetKeyPairStatus::PrivateKeyNotFound; + case evse_security::GetCertificateInfoStatus::Accepted: + return types::evse_security::GetCertificateInfoStatus::Accepted; + case evse_security::GetCertificateInfoStatus::Rejected: + return types::evse_security::GetCertificateInfoStatus::Rejected; + case evse_security::GetCertificateInfoStatus::NotFound: + return types::evse_security::GetCertificateInfoStatus::NotFound; + case evse_security::GetCertificateInfoStatus::NotFoundValid: + return types::evse_security::GetCertificateInfoStatus::NotFoundValid; + case evse_security::GetCertificateInfoStatus::PrivateKeyNotFound: + return types::evse_security::GetCertificateInfoStatus::PrivateKeyNotFound; default: - throw std::runtime_error("Could not convert evse_security::GetKeyPairStatus to " - "types::evse_security::GetKeyPairStatus"); + throw std::runtime_error("Could not convert evse_security::GetCertificateInfoStatus to " + "types::evse_security::GetCertificateInfoStatus"); } } 
@@ -415,12 +432,13 @@ types::evse_security::OCSPRequestDataList to_everest(evse_security::OCSPRequestD return lhs; } -types::evse_security::KeyPair to_everest(evse_security::KeyPair other) { - types::evse_security::KeyPair lhs; +types::evse_security::CertificateInfo to_everest(evse_security::CertificateInfo other) { + types::evse_security::CertificateInfo lhs; lhs.key = other.key; lhs.certificate = other.certificate; lhs.certificate_single = other.certificate_single; lhs.password = other.password; + lhs.certificate_count = other.certificate_count; return lhs; } diff --git a/modules/EvseSecurity/conversions.hpp b/modules/EvseSecurity/conversions.hpp index b87220a15..bd177889a 100644 --- a/modules/EvseSecurity/conversions.hpp +++ b/modules/EvseSecurity/conversions.hpp @@ -24,7 +24,7 @@ evse_security::CertificateHashDataChain from_everest(types::evse_security::Certi evse_security::GetInstalledCertificatesResult from_everest(types::evse_security::GetInstalledCertificatesResult other); evse_security::OCSPRequestData from_everest(types::evse_security::OCSPRequestData other); evse_security::OCSPRequestDataList from_everest(types::evse_security::OCSPRequestDataList other); -evse_security::KeyPair from_everest(types::evse_security::KeyPair other); +evse_security::CertificateInfo from_everest(types::evse_security::CertificateInfo other); types::evse_security::EncodingFormat to_everest(evse_security::EncodingFormat other); types::evse_security::CaCertificateType to_everest(evse_security::CaCertificateType other); 
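Review bot: to_everest(evse_security::CertificateInfo) in modules/EvseSecurity/conversions.cpp copies the new `certificate_count` but never fills `lhs.ocsp`, so the entries requested through `include_ocsp` appear to be dropped at the module boundary. The neighbouring from_everest and the to_ocpp conversion in lib/staging/ocpp/evse_security_ocpp.cpp both handle the field, and from_ocpp(ocpp::CertificateInfo) in that file has the same omission. A client asking for per-certificate OCSP data would then receive an Accepted result with no OCSP paths. The fix needs a to_everest overload for evse_security::CertificateOCSP, mirroring the from_everest one added in this patch, plus the loop sketched below. The container operations on `other.ocsp` are inferred from how from_everest fills it, so confirm them against libevse-security.

```cpp
types::evse_security::CertificateInfo to_everest(evse_security::CertificateInfo other) {
    // … unchanged: key, certificate, certificate_single, password, certificate_count …
    if (!other.ocsp.empty()) {
        std::vector<types::evse_security::CertificateOCSP> converted;
        for (const auto& ocsp_data : other.ocsp) {
            // requires a to_everest(evse_security::CertificateOCSP) overload
            converted.push_back(to_everest(ocsp_data));
        }
        lhs.ocsp = converted;
    }
    return lhs;
```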
@@ -35,14 +35,14 @@ types::evse_security::InstallCertificateResult to_everest(evse_security::Install types::evse_security::CertificateValidationResult to_everest(evse_security::CertificateValidationResult other); types::evse_security::DeleteCertificateResult to_everest(evse_security::DeleteCertificateResult other); types::evse_security::GetInstalledCertificatesStatus to_everest(evse_security::GetInstalledCertificatesStatus other); -types::evse_security::GetKeyPairStatus to_everest(evse_security::GetKeyPairStatus other); +types::evse_security::GetCertificateInfoStatus to_everest(evse_security::GetCertificateInfoStatus other); types::evse_security::CertificateHashData to_everest(evse_security::CertificateHashData other); types::evse_security::CertificateHashDataChain to_everest(evse_security::CertificateHashDataChain other); types::evse_security::GetInstalledCertificatesResult to_everest(evse_security::GetInstalledCertificatesResult other); types::evse_security::OCSPRequestData to_everest(evse_security::OCSPRequestData other); types::evse_security::OCSPRequestDataList to_everest(evse_security::OCSPRequestDataList other); -types::evse_security::KeyPair to_everest(evse_security::KeyPair other); +types::evse_security::CertificateInfo to_everest(evse_security::CertificateInfo other); } // namespace conversions diff --git a/modules/EvseSecurity/main/evse_securityImpl.cpp b/modules/EvseSecurity/main/evse_securityImpl.cpp index 0bb64120b..01661e9cf 100644 --- a/modules/EvseSecurity/main/evse_securityImpl.cpp +++ b/modules/EvseSecurity/main/evse_securityImpl.cpp 
@@ -77,8 +77,15 @@ void evse_securityImpl::handle_update_ocsp_cache(types::evse_security::Certifica this->evse_security->update_ocsp_cache(conversions::from_everest(certificate_hash_data), ocsp_response); } -std::string evse_securityImpl::handle_retrieve_ocsp_cache(types::evse_security::CertificateHashData& certificate_hash_data) { - return this->evse_security->retrieve_ocsp_cache(conversions::from_everest(certificate_hash_data)); +std::string +evse_securityImpl::handle_retrieve_ocsp_cache(types::evse_security::CertificateHashData& certificate_hash_data) { + auto cache = this->evse_security->retrieve_ocsp_cache(conversions::from_everest(certificate_hash_data)); + + if (cache.has_value()) { + return cache.value(); + } + + return {}; } bool evse_securityImpl::handle_is_ca_certificate_installed(types::evse_security::CaCertificateType& certificate_type) { @@ -94,11 +101,11 @@ std::string evse_securityImpl::handle_generate_certificate_signing_request( types::evse_security::GetCertificateInfoResult evse_securityImpl::handle_get_leaf_certificate_info(types::evse_security::LeafCertificateType& certificate_type, - types::evse_security::EncodingFormat& encoding, bool& include_ocsp) { + types::evse_security::EncodingFormat& encoding, + bool& include_ocsp) { types::evse_security::GetCertificateInfoResult response; - const auto leaf_info = this->evse_security->get_leaf_certificate_info(conversions::from_everest(certificate_type), - conversions::from_everest(encoding), - include_ocsp); + const auto leaf_info = this->evse_security->get_leaf_certificate_info( + conversions::from_everest(certificate_type), conversions::from_everest(encoding), include_ocsp); response.status = conversions::to_everest(leaf_info.status); diff --git a/modules/EvseV2G/connection.cpp b/modules/EvseV2G/connection.cpp index bcb9ae36c..a00fcc2a7 100644 --- a/modules/EvseV2G/connection.cpp +++ b/modules/EvseV2G/connection.cpp 
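Review bot: In handle_retrieve_ocsp_cache, a missing cache entry is returned as an empty string, but the interface description ("Path of data related to the certificate hash, if present") does not say so. A caller that hands the result straight to a file open cannot tell "no cached response" from a usable path. I would state the contract at the fallback return, e.g. `// Empty string: no OCSP cache entry exists for this hash; callers must check before using the path`, and add the same sentence to the `retrieve_ocsp_cache` result description in interfaces/evse_security.yaml.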
@@ -494,16 +494,16 @@ static bool connection_init_tls(struct v2g_context* ctx) { std::string v2g_root_cert_path = ctx->r_security->call_get_verify_file(types::evse_security::CaCertificateType::V2G); - const auto key_pair_response = ctx->r_security->call_get_key_pair(types::evse_security::LeafCertificateType::V2G, - types::evse_security::EncodingFormat::PEM); - if (key_pair_response.status != types::evse_security::GetKeyPairStatus::Accepted) { + const auto key_pair_response = ctx->r_security->call_get_leaf_certificate_info( + types::evse_security::LeafCertificateType::V2G, types::evse_security::EncodingFormat::PEM, false); + if (key_pair_response.status != types::evse_security::GetCertificateInfoStatus::Accepted) { dlog(DLOG_LEVEL_ERROR, "Failed to read key/pair!"); return false; } - std::string evse_leaf_cert_path = key_pair_response.key_pair.value().certificate; - std::string evse_leaf_key_path = key_pair_response.key_pair.value().key; - std::string secc_leaf_key_password = key_pair_response.key_pair.value().password.value_or(""); + std::string evse_leaf_cert_path = key_pair_response.info.value().certificate.value(); + std::string evse_leaf_key_path = key_pair_response.info.value().key; + std::string secc_leaf_key_password = key_pair_response.info.value().password.value_or(""); uint8_t num_of_v2g_root = 1; mbedtls_x509_crt* root_crt = &ctx->v2g_root_crt; diff --git a/types/evse_security.yaml b/types/evse_security.yaml index 9f3061459..107944e60 100644 --- a/types/evse_security.yaml +++ b/types/evse_security.yaml @@ -186,11 +186,13 @@ types: CertificateOCSP: description: OCSP data related to requested the certificates type: object + required: + - hash properties: hash: description: Hash of certificate linked to the provided data type: object - ref: /evse_security#/CertificateHashData + $ref: /evse_security#/CertificateHashData ocsp_path: description: OCSP path of the file containing the data type: string 
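Review bot: In connection_init_tls (modules/EvseV2G/connection.cpp), `key_pair_response.info.value().certificate.value()` can now throw `std::bad_optional_access`. This series removes `certificate` from the required fields of CertificateInfo in types/evse_security.yaml, and `info` itself is optional and only guarded indirectly by the status check. Unless a caller outside this hunk catches it, the exception bypasses the function's own error path, which logs and returns false. I would extend the existing guard to `if (key_pair_response.status != types::evse_security::GetCertificateInfoStatus::Accepted || !key_pair_response.info.has_value() || !key_pair_response.info.value().certificate.has_value()) {` so a missing chain path takes the same `return false` branch. The function body continues beyond this hunk.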
@@ -198,9 +200,8 @@ types: description: Type that specifies the paths of a certificate and the respective private key type: object required: - - key - - certificate - - certificate_single + - key + - certificate_count properties: key: description: The path of the PEM or DER encoded private key From 83915cdb9d5a77737c54a43520f6d052cf993f39 Mon Sep 17 00:00:00 2001 From: AssemblyJohn Date: Tue, 30 Apr 2024 15:29:07 +0300 Subject: [PATCH 3/3] Updated deps Signed-off-by: AssemblyJohn --- dependencies.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependencies.yaml b/dependencies.yaml index 5f5e1bf85..81781be61 100644 --- a/dependencies.yaml +++ b/dependencies.yaml @@ -53,7 +53,7 @@ libevse-security: # OCPP libocpp: git: https://github.com/EVerest/libocpp.git - git_tag: v0.11.0 + git_tag: f4868f3 cmake_condition: "EVEREST_DEPENDENCY_ENABLED_LIBOCPP" # Josev Josev:
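Review bot: In dependencies.yaml, `git_tag: f4868f3` pins libocpp to a seven-character abbreviated commit id in place of the release tag `v0.11.0`. An abbreviation is not a unique identifier and can become ambiguous as the upstream repository grows, and an untagged commit is harder to map to a reviewed release when auditing dependencies. I would pin the full hash, `git_tag: <full 40-character commit SHA>`, and add a comment such as `# unreleased libocpp commit, presumably needed for get_leaf_certificate_info; move to the next tagged release` so the pin gets revisited.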