Merge pull request #18 from dspace-group/fix/tcp_assembly

Allow TCP Assembly, improved certificate errors, fixed X509SerialNumber
dspace-group · Sep 25, 2024 · 507ffbe · 507ffbe
2 parents c409016 + 296e90e
commit 507ffbe
Show file tree

Hide file tree

Showing 21 changed files with 1,476 additions and 429 deletions.
diff --git a/Images/WS_ISO15118_2_Cert_Error.png b/Images/WS_ISO15118_2_Cert_Error.png
diff --git a/Installer/InstallerScript.iss b/Installer/InstallerScript.iss
@@ -1,5 +1,5 @@
 // DO NOT CHANGE VERSION HERE! Run update_version.bat
-#define AppVer "1.4.2"
+#define AppVer "1.4.3"
 #define AppId "dsV2Gshark"
 
 [Setup]

diff --git a/README.md b/README.md
@@ -2,7 +2,8 @@
 [![Release](https://img.shields.io/github/v/release/dspace-group/dsV2Gshark?label=release)](https://github.com/dspace-group/dsV2Gshark/releases)
 [![dSPACE](https://img.shields.io/badge/-OpenSource%20powered%20by%20dSPACE-blue)](https://www.dspace.com/)
 
-## ❗Wireshark 4.4+ requires dsV2Gshark 1.4.2 or higher❗
+> [!IMPORTANT]
+**Wireshark 4.4+ requires dsV2Gshark 1.4.2 or higher**
 
 ## Overview
 This Wireshark plugin allows to analyze and decode packets between electric vehicles (EV) and charging stations (EVSE), also known as V2G messages.  
@@ -22,7 +23,7 @@ This Wireshark plugin allows to analyze and decode packets between electric vehi
 - Additional analysis features:
     - Validation of V2G messages according to XSD specification
     - Certificate information details for Plug & Charge (PnC)
-    - Live TLS decryption
+    - Live TLS decryption <small>(requires secret disclosure)</small>
     - LLC diagnostics via HomePlug AV packets for sniffer and debug packets
 - Automatic schema detection
     - Detect schema automatically in case of missing SDP or SAP
@@ -31,9 +32,14 @@ This Wireshark plugin allows to analyze and decode packets between electric vehi
 - Wireshark I/O Graph support for V2G packets
 
 ### Live TLS Decryption
+> [!IMPORTANT]
+To decrypt a TLS session, you need a compatible device (like the dSPACE DS5366) that is capable of disclosing the TLS secret during or after the handshake. Please note that this feature is not available on productive devices. It is not possible to decrypt regular TLS sessions.  
+If a session with a disclosed TLS secret was recorded without dsV2Gshark being installed, you can still decrypt the data by installing dsV2Gshark afterwards.
+
 The plugin processes a TLS master secret disclosure packet after handshake to decode the following V2G session.  
 The disclosure message is a UDP packet within the source port range 49152-65535 (see Wireshark protocol settings) containing the ASCII string `CLIENT_RANDOM <32-byte client random> <48-byte master secret>` as payload data (TLS 1.2). This disclosure message has to be sent from one of the communication partners in a testing environment.  
 For TLS 1.3 decryption you have to provide different secrets: `CLIENT_HANDSHAKE_TRAFFIC_SECRET`, `SERVER_HANDSHAKE_TRAFFIC_SECRET`, `EXPORTER_SECRET`, `CLIENT_TRAFFIC_SECRET_<number>`, `SERVER_TRAFFIC_SECRET_<number>`. You can send one UDP packet for each secret or combine the secrets in one UDP packet (separated by line breaks).  
+> [!NOTE]
 In order to autodecrypt charging sessions using non-GUI versions of Wireshark (e.g. tshark), the full PCAP must be parsed twice. This is because there is no matching redissection trigger available in the Wireshark API.
 
 ### Wireshark I/O Graph
@@ -86,6 +92,8 @@ Click on a packet in the graph to inspect it in the Wireshark main window. Press
 ![ISO 15118-2 Certificates](Images/WS_ISO15118_2_Certificate.png)
 ### Message Validation
 ![ISO 15118-20 Message Validation](Images/WS_ISO15118_20_MsgValidation.png)
+### Certificate Check
+![ISO 15118-2 Certificate Check](Images/WS_ISO15118_2_Cert_Error.png)
 ### Live TLS Decryption
 ![ISO 15118-2 Live TLS](Images/WS_ISO15118_2_LiveTLS.png)
 ### Filter Buttons

diff --git a/V2G_Libraries/Third_Party/GnuTLS/include/gnutls/gnutls.h b/V2G_Libraries/Third_Party/GnuTLS/include/gnutls/gnutls.h
@@ -49,14 +49,14 @@
 extern "C" {
 #endif
 
-#define GNUTLS_VERSION "3.8.3"
+#define GNUTLS_VERSION "3.8.4"
 
 /* clang-format off */
 #define GNUTLS_VERSION_MAJOR 3
 #define GNUTLS_VERSION_MINOR 8
-#define GNUTLS_VERSION_PATCH 3
+#define GNUTLS_VERSION_PATCH 4
 
-#define GNUTLS_VERSION_NUMBER 0x030803
+#define GNUTLS_VERSION_NUMBER 0x030804
 /* clang-format on */
 
 #define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC
@@ -876,6 +876,7 @@ typedef enum gnutls_certificate_print_formats {
  * gnutls_pk_algorithm_t:
  * @GNUTLS_PK_UNKNOWN: Unknown public-key algorithm.
  * @GNUTLS_PK_RSA: RSA public-key algorithm.
+ * @GNUTLS_PK_RSA_OAEP: RSA public-key algorithm, with OAEP padding.
  * @GNUTLS_PK_RSA_PSS: RSA public-key algorithm, with PSS padding.
  * @GNUTLS_PK_DSA: DSA public-key algorithm.
  * @GNUTLS_PK_DH: Diffie-Hellman algorithm. Used to generate parameters.
@@ -904,7 +905,8 @@ typedef enum {
 	GNUTLS_PK_GOST_12_512 = 10,
 	GNUTLS_PK_ECDH_X448 = 11,
 	GNUTLS_PK_EDDSA_ED448 = 12,
-	GNUTLS_PK_MAX = GNUTLS_PK_EDDSA_ED448
+	GNUTLS_PK_RSA_OAEP = 13,
+	GNUTLS_PK_MAX = GNUTLS_PK_RSA_OAEP
 } gnutls_pk_algorithm_t;
 
 const char *gnutls_pk_algorithm_get_name(gnutls_pk_algorithm_t algorithm);