2022-11-04/Jerry Wang

[OCPP 2.0.1]

Action:
1. Improve security and PnC related functions.
2. Other low priorty improvements.

File:
1. EVSE/Modularization/ocpp20/JsonParser.c
--> Action 2
2. EVSE/Modularization/ocpp20/MessageHandler.c
--> Action 1,2
3. EVSE/Modularization/ocpp20/MessageHandler.h
--> Action 1
4. EVSE/Modularization/ocpp20/Module_OcppBackend20.c
--> Action 1
5. EVSE/Modularization/ocpp20/Module_OcppBackend20.h
--> Action 1

EVSE/Modularization/ocpp20/JsonParser.c

@@ -227,7 +227,7 @@ void ReceivedMessage(void *in, size_t len)
 				case MESSAGE_TYPE_CALL:
 					sprintf(Action, "%s", json_object_get_string(json_object_array_get_idx(obj, 2)));
 					sprintf(Payload, "%s", json_object_to_json_string_ext(json_object_array_get_idx(obj, 3), JSON_C_TO_STRING_PLAIN));
-					if(GetServerSign()==TRUE || ((strstr(Action,"TriggerMessage")!=NULL) && (strstr(Payload,"BootNotification")!=NULL)))
+					if(GetServerSign()==TRUE || ((strstr(Action,"TriggerMessage")!=NULL) && (strstr(Payload,"BootNotification")!=NULL)) || (strstr(Action,"Set")!=NULL))
 						CallHandler(UniqueId,Action,Payload);
 					else
 					{

EVSE/Modularization/ocpp20/MessageHandler.h

@@ -402,7 +402,7 @@ typedef enum {
 	IdTokenEnumType_KeyCode,
 	IdTokenEnumType_Local,
 	IdTokenEnumType_MacAddress,
-	IdTokenEnumType_NoAuthorization,
+	IdTokenEnumType_NoAuthorization
 } IdTokenEnumType;
 
 /* InstallCertificateUseEnumType */
@@ -827,6 +827,14 @@ typedef enum {
 	VPNEnumType_PPTP
 } VPNEnumType;
 
+enum CERTIFICATE_PARSE_TYPE
+{
+	CERT_PARSE_HashAlgorithm = 0,
+	CERT_PARSE_SerialNumber = 1,
+	CERT_PARSE_IssuerNameHash = 2,
+	CERT_PARSE_IssuerKeyHash = 3,
+	CERT_PARSE_OcspUrl = 4
+};
 
 struct StructPeriod
 {

EVSE/Modularization/ocpp20/Module_OcppBackend20.c

@@ -406,9 +406,9 @@ void* ConnectWsServer(void* data)  //int ConnectWsServer()
 	ContextInfo.port = CONTEXT_PORT_NO_LISTEN;
 	ContextInfo.iface = NULL;
 	ContextInfo.ssl_private_key_password = NULL;
-	ContextInfo.ssl_cert_filepath = NULL;//"./ssl_key/client_cert.pem";
-	ContextInfo.ssl_private_key_filepath = NULL;//"./ssl_key/client_key.pem";
-	ContextInfo.ssl_ca_filepath = "/root/cacert.pem";//"./cacert.pem";
+	ContextInfo.ssl_cert_filepath = ((GetOcppSecurityProfile()==3) && (access("/Storage/OCPP/certCP.pem",F_OK) != -1))?"/Storage/OCPP/certCP.pem":NULL;
+	ContextInfo.ssl_private_key_filepath = ((GetOcppSecurityProfile()==3) && (access("/Storage/OCPP/certCP.key",F_OK) != -1))?"/Storage/OCPP/certCP.key":NULL;
+	ContextInfo.ssl_ca_filepath = "/root/certCA.pem";
 	ContextInfo.ssl_cipher_list = NULL; //use default one
 	ContextInfo.gid = -1;
 	ContextInfo.uid = -1;

EVSE/Modularization/ocpp20/Module_OcppBackend20.h

@@ -1,7 +1,7 @@
 /*
  * Sample_OCPP_Task.h
  *
- *  Created on: 2020¦~5¤ë26¤é
+ *  Created on: 2020
  *      Author: foluswen
  */
 
@@ -49,6 +49,21 @@
 #include    "SystemLogMessage.h"
 #include    "MessageHandler.h"
 
+#define		ROOTCA_CS				"/Storage/OCPP/rootCaCs.pem"					// for verify connect wss
+#define		ROOTCA_MF				"/Storage/OCPP/rootCaMf.pem"					// for verify signedUpdateFirmware
+#define		ROOTCA_V2G				"/Storage/rootCaV2g.pem"						// for 15118
+#define		ROOTCA_MO				"/Storage/rootCaMo.pem"						    // for 15118
+
+#define		CERTIFICATE_CP			"/Storage/OCPP/certCP.pem"						// for security profile 3
+#define		CERTIFICATE_V2G			"/Storage/certV2G.pem"							// for 15118
+#define		CERTIFICATE_PnCAuth		"/Storage/certPnCAuth.pem"						// for PnC authorization
+
+#define		PRIVATE_KEY_CP			"/Storage/OCPP/certCP.key"						// for security profile 3
+#define		PRIVATE_KEY_V2G			"/Storage/certV2G.key"							// for 15118
+
+#define		CSR_CP					"/Storage/OCPP/certCP.csr"						// for get CERTIFICATE_CP
+#define		CSR_V2G					"/Storage/certV2G.csr"							// for get CERTIFICATE_V2G
+
 #define is_error(ptr) 				((unsigned long)ptr > (unsigned long)-4000L)
 #define PASS						1
 #define FAIL						-1
@@ -141,6 +156,7 @@ extern int GetHeartBeatWithNOResponse(void);
 extern void SetHeartBeatWithNOResponse(void);
 extern int DB_Initial();
 extern uint8_t GetOcppSecurityProfile();
+void MergeCertificates();
 extern void GetOcppChargerBoxId(uint8_t *data);
 extern void GetOcppSecurityPassword(uint8_t *data);