- Modified OCSP cache to unique filenames

- Refactored get_key_pair for extra info

Signed-off-by: AssemblyJohn <[email protected]>

include/evse_security/evse_security.hpp

@@ -186,8 +186,10 @@ class EvseSecurity {
     /// the leaf including any possible SUBCAs
     /// @param certificate_type type of the leaf certificate
     /// @param encoding specifies PEM or DER format
+    /// @param include_ocsp if OCSP data should be included
     /// @return contains response result
-    GetKeyPairResult get_key_pair(LeafCertificateType certificate_type, EncodingFormat encoding);
+    GetCertificateInfoResult get_leaf_certificate_info(LeafCertificateType certificate_type, EncodingFormat encoding,
+                                                       bool include_ocsp = false);
 
     /// @brief Checks and updates the symlinks for the V2G leaf certificates and keys to the most recent valid one
     /// @return true if one of the links was updated
@@ -243,7 +245,9 @@ class EvseSecurity {
     // Internal versions of the functions do not lock the mutex
     CertificateValidationResult verify_certificate_internal(const std::string& certificate_chain,
                                                             LeafCertificateType certificate_type);
-    GetKeyPairResult get_key_pair_internal(LeafCertificateType certificate_type, EncodingFormat encoding);
+    GetCertificateInfoResult get_leaf_certificate_info_internal(LeafCertificateType certificate_type,
+                                                                EncodingFormat encoding, bool include_ocsp = false);
+    std::optional<std::string> retrieve_ocsp_cache_internal(const CertificateHashData& certificate_hash_data);
     bool is_ca_certificate_installed_internal(CaCertificateType certificate_type);
 
     /// @brief Determines if the total filesize of certificates is > than the max_filesystem_usage bytes

include/evse_security/evse_types.hpp

@@ -76,7 +76,7 @@ enum class GetInstalledCertificatesStatus {
     NotFound,
 };
 
-enum class GetKeyPairStatus {
+enum class GetCertificateInfoStatus {
     Accepted,
     Rejected,
     NotFound,
@@ -123,15 +123,25 @@ struct OCSPRequestData {
 struct OCSPRequestDataList {
     std::vector<OCSPRequestData> ocsp_request_data_list; ///< A list of OCSP request data
 };
-struct KeyPair {
-    fs::path key;                        ///< The path of the PEM or DER encoded private key
-    fs::path certificate;                ///< The path of the PEM or DER encoded certificate chain
-    fs::path certificate_single;         ///< The path of the PEM or DER encoded certificate
+
+struct CertificateOCSP {
+    CertificateHashData hash;
+    std::optional<fs::path> oscsp_data;
+};
+
+struct CertificateInfo {
+    fs::path key;                               ///< The path of the PEM or DER encoded private key
+    std::optional<fs::path> certificate;        ///< The path of the PEM or DER encoded certificate chain if found
+    std::optional<fs::path> certificate_single; ///< The path of the PEM or DER encoded certificate if found
+    int certificate_count; ///< The count of certificates in the chain, if the chain is available, or if single 1
     std::optional<std::string> password; ///< Specifies the password for the private key if encrypted
+    std::vector<CertificateOCSP>
+        oscsp; ///< Contains the ordered list of OCSP certificate data based on the chain file order
 };
-struct GetKeyPairResult {
-    GetKeyPairStatus status;
-    std::optional<KeyPair> pair;
+
+struct GetCertificateInfoResult {
+    GetCertificateInfoStatus status;
+    std::optional<CertificateInfo> info;
 };
 
 namespace conversions {
@@ -144,7 +154,7 @@ std::string hash_algorithm_to_string(HashAlgorithm e);
 std::string install_certificate_result_to_string(InstallCertificateResult e);
 std::string delete_certificate_result_to_string(DeleteCertificateResult e);
 std::string get_installed_certificates_status_to_string(GetInstalledCertificatesStatus e);
-std::string get_key_pair_status_to_string(GetKeyPairStatus e);
+std::string get_certificate_info_status_to_string(GetCertificateInfoStatus e);
 } // namespace conversions
 
 } // namespace evse_security