diff --git a/include/evse_security/evse_security.hpp b/include/evse_security/evse_security.hpp index 867a996..a6182a2 100644 --- a/include/evse_security/evse_security.hpp +++ b/include/evse_security/evse_security.hpp @@ -4,9 +4,9 @@ #include +#include #include #include -#include #include #include @@ -87,10 +87,10 @@ class EvseSecurity { /// @brief Verifies the given \p certificate_chain for the given \p certificate_type against the respective CA /// certificates for the leaf. /// @param certificate_chain PEM formatted certificate or certificate chain - /// @param certificate_type type of the leaf certificate + /// @param certificate_type type of the root certificate for which the chain is verified /// @return result of the operation CertificateValidationError verify_certificate(const std::string& certificate_chain, - const CaCertificateType certificate_type); + const CaCertificateType certificate_type); /// @brief Verifies the given \p certificate_chain for the given \p certificate_type against the respective CA /// certificates for the leaf and if valid installs the certificate on the filesystem. Before installing on the @@ -123,7 +123,7 @@ class EvseSecurity { /// @param certificate_type type of the leaf certificate /// @return contains OCSP request data OCSPRequestDataList get_ocsp_request_data(const std::string& certificate_chain, - const CaCertificateType certificate_type); + const CaCertificateType certificate_type); /// @brief Updates the OCSP cache for the given \p certificate_hash_data with the given \p ocsp_response /// @param certificate_hash_data identifies the certificate for which the \p ocsp_response is specified @@ -198,7 +198,7 @@ class EvseSecurity { private: // Internal versions of the functions do not lock the mutex CertificateValidationError verify_certificate_internal(const std::string& certificate_chain, - CaCertificateType certificate_type); + CaCertificateType certificate_type); GetKeyPairResult get_key_pair_internal(LeafCertificateType certificate_type, EncodingFormat encoding); /// @brief Determines if the total filesize of certificates is > than the max_filesystem_usage bytes diff --git a/lib/evse_security/evse_security.cpp b/lib/evse_security/evse_security.cpp index da31faf..8290ebc 100644 --- a/lib/evse_security/evse_security.cpp +++ b/lib/evse_security/evse_security.cpp @@ -641,7 +641,7 @@ OCSPRequestDataList EvseSecurity::get_ocsp_request_data() { } OCSPRequestDataList EvseSecurity::get_ocsp_request_data(const std::string& certificate_chain, - const CaCertificateType certificate_type) { + const CaCertificateType certificate_type) { std::lock_guard guard(EvseSecurity::security_mutex); OCSPRequestDataList response; @@ -1079,14 +1079,14 @@ bool EvseSecurity::verify_file_signature(const fs::path& path, const std::string } CertificateValidationError EvseSecurity::verify_certificate(const std::string& certificate_chain, - CaCertificateType certificate_type) { + CaCertificateType certificate_type) { std::lock_guard guard(EvseSecurity::security_mutex); return verify_certificate_internal(certificate_chain, certificate_type); } CertificateValidationError EvseSecurity::verify_certificate_internal(const std::string& certificate_chain, - CaCertificateType certificate_type) { + CaCertificateType certificate_type) { try { X509CertificateBundle certificate(certificate_chain, EncodingFormat::PEM); std::vector _certificate_chain = certificate.split();