

- Modified OCSP cache to unique filenames
- Refactored get_key_pair for extra info

Signed-off-by: AssemblyJohn <[email protected]>
AssemblyJohn committed Apr 24, 2024
1 parent 4ca86a0 commit 7a9cf64
Showing 5 changed files with 183 additions and 86 deletions.
8 changes: 6 additions & 2 deletions include/evse_security/evse_security.hpp
Expand Up @@ -186,8 +186,10 @@ class EvseSecurity {
/// the leaf including any possible SUBCAs
/// @param certificate_type type of the leaf certificate
/// @param encoding specifies PEM or DER format
/// @param include_ocsp if OCSP data should be included
/// @return contains response result
GetKeyPairResult get_key_pair(LeafCertificateType certificate_type, EncodingFormat encoding);
GetCertificateInfoResult get_leaf_certificate_info(LeafCertificateType certificate_type, EncodingFormat encoding,
bool include_ocsp = false);

/// @brief Checks and updates the symlinks for the V2G leaf certificates and keys to the most recent valid one
/// @return true if one of the links was updated
Expand Down Expand Up @@ -243,7 +245,9 @@ class EvseSecurity {
// Internal versions of the functions do not lock the mutex
CertificateValidationResult verify_certificate_internal(const std::string& certificate_chain,
LeafCertificateType certificate_type);
GetKeyPairResult get_key_pair_internal(LeafCertificateType certificate_type, EncodingFormat encoding);
GetCertificateInfoResult get_leaf_certificate_info_internal(LeafCertificateType certificate_type,
EncodingFormat encoding, bool include_ocsp = false);
std::optional<std::string> retrieve_ocsp_cache_internal(const CertificateHashData& certificate_hash_data);
bool is_ca_certificate_installed_internal(CaCertificateType certificate_type);

/// @brief Determines if the total filesize of certificates is > than the max_filesystem_usage bytes
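Review bot: The internal declaration `get_leaf_certificate_info_internal(LeafCertificateType certificate_type, EncodingFormat encoding, bool include_ocsp = false)` in the second hunk repeats the default argument already given on the public `get_leaf_certificate_info`; a default on both layers can silently drift apart, and only the public entry point needs one, so the internal line should read `GetCertificateInfoResult get_leaf_certificate_info_internal(LeafCertificateType certificate_type, EncodingFormat encoding, bool include_ocsp);`. The new `@param include_ocsp` line in the first hunk only says the data "should be included" and does not tell the caller where it lands; `/// @param include_ocsp if true, the cached OCSP data for each certificate in the chain is returned in the result's ocsp list, in chain order` would match the field the commit adds to CertificateInfo. The doc comment starts above the first hunk and the class body continues past both hunks, so neither declaration is fully visible here.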
28 changes: 19 additions & 9 deletions include/evse_security/evse_types.hpp
Expand Up @@ -76,7 +76,7 @@ enum class GetInstalledCertificatesStatus {
NotFound,
};

enum class GetKeyPairStatus {
enum class GetCertificateInfoStatus {
Accepted,
Rejected,
NotFound,
Expand Down Expand Up @@ -123,15 +123,25 @@ struct OCSPRequestData {
struct OCSPRequestDataList {
std::vector<OCSPRequestData> ocsp_request_data_list; ///< A list of OCSP request data
};
struct KeyPair {
fs::path key; ///< The path of the PEM or DER encoded private key
fs::path certificate; ///< The path of the PEM or DER encoded certificate chain
fs::path certificate_single; ///< The path of the PEM or DER encoded certificate

struct CertificateOCSP {
CertificateHashData hash;

Check notice on line 128 in include/evse_security/evse_types.hpp


Codacy Production / Codacy Static Code Analysis

include/evse_security/evse_types.hpp#L128

struct member 'CertificateOCSP::hash' is never used.
std::optional<fs::path> oscsp_data;
};

struct CertificateInfo {
fs::path key; ///< The path of the PEM or DER encoded private key
std::optional<fs::path> certificate; ///< The path of the PEM or DER encoded certificate chain if found
std::optional<fs::path> certificate_single; ///< The path of the PEM or DER encoded certificate if found
int certificate_count; ///< The count of certificates in the chain, if the chain is available, or if single 1

Check notice on line 136 in include/evse_security/evse_types.hpp


Codacy Production / Codacy Static Code Analysis

include/evse_security/evse_types.hpp#L136

struct member 'CertificateInfo::certificate_count' is never used.
std::optional<std::string> password; ///< Specifies the password for the private key if encrypted
std::vector<CertificateOCSP>
oscsp; ///< Contains the ordered list of OCSP certificate data based on the chain file order

Check notice on line 139 in include/evse_security/evse_types.hpp


Codacy Production / Codacy Static Code Analysis

include/evse_security/evse_types.hpp#L139

struct member 'CertificateInfo::oscsp' is never used.
};
struct GetKeyPairResult {
GetKeyPairStatus status;
std::optional<KeyPair> pair;

struct GetCertificateInfoResult {
GetCertificateInfoStatus status;

Check notice on line 143 in include/evse_security/evse_types.hpp


Codacy Production / Codacy Static Code Analysis

include/evse_security/evse_types.hpp#L143

struct member 'GetCertificateInfoResult::status' is never used.
std::optional<CertificateInfo> info;
};

namespace conversions {
Expand All @@ -144,7 +154,7 @@ std::string hash_algorithm_to_string(HashAlgorithm e);
std::string install_certificate_result_to_string(InstallCertificateResult e);
std::string delete_certificate_result_to_string(DeleteCertificateResult e);
std::string get_installed_certificates_status_to_string(GetInstalledCertificatesStatus e);
std::string get_key_pair_status_to_string(GetKeyPairStatus e);
std::string get_certificate_info_status_to_string(GetCertificateInfoStatus e);
} // namespace conversions

} // namespace evse_security
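Review bot: The new members `CertificateOCSP::oscsp_data` and `CertificateInfo::oscsp` in the second hunk misspell OCSP, and because this is a public header the typo becomes API that every caller will have to spell the same way; rename them now to `std::optional<fs::path> ocsp_data;` and `std::vector<CertificateOCSP> ocsp;` before anything depends on them. `int certificate_count;` carries no initializer, so a default-constructed `CertificateInfo` reports an indeterminate count, and `GetCertificateInfoResult::status` has the same problem with the added risk that an uninitialized enum can read as any enumerator, including Accepted; write `int certificate_count{0};` and give `status` an explicit initial value. The trailing comment on certificate_count ("or if single 1") is hard to parse; `///< Number of certificates in the chain, or 1 when only the single certificate is available` says the same thing plainly. The Codacy "never used" notices are expected for members introduced in this same commit and are not a defect in themselves.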

