RISE-V2G/RISE-V2G-EVCC/src/main/java/org/eclipse/risev2g/evcc/states/WaitForChargeParameterDisco...

/*******************************************************************************
* Copyright (c) 2016 Dr.-Ing. Marc Mültin.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*
* Contributors:
* Dr.-Ing. Marc Mültin - initial API and implementation and initial documentation
*******************************************************************************/
package org.eclipse.risev2g.evcc.states;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.List;
import org.eclipse.risev2g.evcc.session.V2GCommunicationSessionEVCC;
import org.eclipse.risev2g.shared.enumerations.CPStates;
import org.eclipse.risev2g.shared.enumerations.GlobalValues;
import org.eclipse.risev2g.shared.enumerations.V2GMessages;
import org.eclipse.risev2g.shared.messageHandling.ReactionToIncomingMessage;
import org.eclipse.risev2g.shared.messageHandling.TerminateSession;
import org.eclipse.risev2g.shared.utils.SecurityUtils;
import org.eclipse.risev2g.shared.v2gMessages.msgDef.ACEVSEChargeParameterType;
import org.eclipse.risev2g.shared.v2gMessages.msgDef.ChargeParameterDiscoveryResType;
import org.eclipse.risev2g.shared.v2gMessages.msgDef.ChargeProgressType;
import org.eclipse.risev2g.shared.v2gMessages.msgDef.DCEVSEChargeParameterType;
import org.eclipse.risev2g.shared.v2gMessages.msgDef.EVSENotificationType;
import org.eclipse.risev2g.shared.v2gMessages.msgDef.EVSEProcessingType;
import org.eclipse.risev2g.shared.v2gMessages.msgDef.SAScheduleListType;
import org.eclipse.risev2g.shared.v2gMessages.msgDef.SAScheduleTupleType;
import org.eclipse.risev2g.shared.v2gMessages.msgDef.SignatureType;
import org.eclipse.risev2g.shared.v2gMessages.msgDef.V2GMessage;
public class WaitForChargeParameterDiscoveryRes extends ClientState {
/**
 * Creates this state for the given EVCC communication session.
 *
 * @param commSessionContext the communication session this state belongs to; it is handed
 *                           unchanged to the {@code ClientState} constructor
 */
public WaitForChargeParameterDiscoveryRes(V2GCommunicationSessionEVCC commSessionContext) {
    super(commSessionContext);
}
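/**
 * Processes the ChargeParameterDiscoveryRes received from the SECC and selects the next request.
 *
 * <p>While EVSEProcessing is ONGOING, the stored ChargeParameterDiscoveryReq is sent again.
 * Otherwise the EVSENotification is read from the AC or DC charge parameters (selected by the
 * requested energy transfer mode). STOP_CHARGING leads to a PowerDeliveryReq with ChargeProgress
 * STOP; in every other case the SASchedules are stored and the session continues with
 * PowerDeliveryReq (AC) or CableCheckReq (DC), provided the control pilot is in state B.
 *
 * <p>On a TLS connection the SalesTariffs are checked with {@code verifySalesTariffs} before the
 * schedules are stored; if that check fails, {@code deleteUnverifiedSalesTariffs} is called first.
 * Without TLS the schedules are stored as received and no signature check is made on this path.
 *
 * @param message the incoming message; must pass {@code isIncomingMessageValid} for
 *                {@code ChargeParameterDiscoveryResType}
 * @return the next message to send, or a {@code TerminateSession} if the message is invalid, the
 *         EVSEChargeParameter does not match the requested energy transfer mode, the control
 *         pilot state is not ready, or the energy transfer mode is neither AC nor DC
 */
@Override
public ReactionToIncomingMessage processIncomingMessage(Object message) {
    if (!isIncomingMessageValid(message, ChargeParameterDiscoveryResType.class)) {
        return new TerminateSession("Incoming message raised an error");
    }

    V2GMessage v2gMessageRes = (V2GMessage) message;
    ChargeParameterDiscoveryResType chargeParameterDiscoveryRes =
            (ChargeParameterDiscoveryResType) v2gMessageRes.getBody().getBodyElement().getValue();

    if (chargeParameterDiscoveryRes.getEVSEProcessing().equals(EVSEProcessingType.ONGOING)) {
        getLogger().debug("EVSEProcessing was set to ONGOING");
        return getSendMessage(getCommSessionContext().getChargeParameterDiscoveryReq(), V2GMessages.CHARGE_PARAMETER_DISCOVERY_RES);
    }

    // Check for the EVSENotification
    EVSENotificationType evseNotification = null;

    try {
        if (getCommSessionContext().getRequestedEnergyTransferMode().toString().startsWith("AC")) {
            evseNotification = ((ACEVSEChargeParameterType) chargeParameterDiscoveryRes
                    .getEVSEChargeParameter().getValue())
                    .getACEVSEStatus().getEVSENotification();
        } else {
            evseNotification = ((DCEVSEChargeParameterType) chargeParameterDiscoveryRes
                    .getEVSEChargeParameter().getValue())
                    .getDCEVSEStatus().getEVSENotification();
        }
    } catch (ClassCastException e) {
        // The SECC answered with charge parameters of the other kind (AC vs. DC) than requested.
        return new TerminateSession("Sent EVSEChargeParameter do not match requested energy transfer mode " +
                getCommSessionContext().getRequestedEnergyTransferMode().toString());
    }

    if (evseNotification.equals(EVSENotificationType.STOP_CHARGING)) {
        getLogger().debug("The EVSE requested to stop the charging process");
        getCommSessionContext().setStopChargingRequested(true);
        return getSendMessage(getPowerDeliveryReq(ChargeProgressType.STOP), V2GMessages.POWER_DELIVERY_RES);
    }

    /*
     * The case RE_NEGOTIATION is to be ignored according to [V2G2-841] and [V2G2-680].
     * An SECC triggered renegotiation is only to be reacted on in the messages
     * - ChargingStatusRes
     * - MeteringReceiptRes
     * - CurrentDemandRes
     */

    // Dereference the SASchedules element only when it is present; the null check on
    // saSchedules below is otherwise never reached for a response without schedules.
    SAScheduleListType saSchedules = null;
    if (chargeParameterDiscoveryRes.getSASchedules() != null) {
        saSchedules = (SAScheduleListType) chargeParameterDiscoveryRes.getSASchedules().getValue();
    }

    // If TLS is used, verify each sales tariff (if present) with the mobility operator sub 2 certificate
    if (getCommSessionContext().isTlsConnection() && saSchedules != null) {
        // Braces are required: both the warning and the cleanup belong to the failed-verification
        // branch. Without them the cleanup runs after every verification, successful or not.
        if (!verifySalesTariffs(saSchedules, v2gMessageRes.getHeader().getSignature())) {
            getLogger().warn("The SalesTariff will be ignored for the charge process due to "
                    + "failed signature verification during TLS communication.");
            deleteUnverifiedSalesTariffs(saSchedules);
        }
    }

    // Save the list of SASchedules (saves the time of reception as well)
    getCommSessionContext().setSaSchedules(saSchedules);

    if (!getCommSessionContext().getEvController().getCPState().equals(CPStates.STATE_B)) {
        return new TerminateSession("CP state B not ready (current state = " +
                getCommSessionContext().getEvController().getCPState() +
                ")");
    }

    String requestedEnergyTransferMode = getCommSessionContext().getRequestedEnergyTransferMode().toString();

    if (requestedEnergyTransferMode.startsWith("AC")) {
        return getSendMessage(getPowerDeliveryReq(ChargeProgressType.START), V2GMessages.POWER_DELIVERY_RES);
    }

    if (requestedEnergyTransferMode.startsWith("DC")) {
        // CP state C signaling BEFORE sending CableCheckReq message in DC
        if (getCommSessionContext().getEvController().setCPState(CPStates.STATE_C)) {
            return getSendMessage(getCableCheckReq(), V2GMessages.CABLE_CHECK_RES);
        }
        return new TerminateSession("CP state C not ready (current state = " +
                getCommSessionContext().getEvController().getCPState() +
                ")");
    }

    // The closing quote and the separating space were missing from this message.
    return new TerminateSession("RequestedEnergyTransferMode '" + requestedEnergyTransferMode +
            "' is neither of type AC nor DC");
}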
/**
* Verifies each sales tariff given with the ChargeParameterDiscoveryRes message with the
* mobility operator sub 2 certificate.
*
* @param saSchedules The SASchedule list which holds all PMaxSchedules and SalesTariffs
* @param signature The signature for the sales tariffs
* @return True, if the verification of the sales tariffs was successful, false otherwise
*/
private boolean verifySalesTariffs(SAScheduleListType saSchedules, SignatureType signature) {
/*
* Some important requirements:
*
* 1. In case of PnC, and if a SalesTariff is used by the secondary actor, the secondary actor SHALL
* sign the field SalesTariff of type SalesTariffType. In case of EIM, the secondary actor MAY sign
* this field.
*
* 2. If the EVCC treats the SalesTariff as invalid, it shall ignore the SalesTariff, i.e. the
* behavior of the EVCC shall be the same as if no SalesTariff was received. Furthermore, the
* EVCC MAY close the connection. It then may reopen the connection again.
*/
boolean salesTariffSignatureAvailable = (signature == null) ? false : true;
boolean ignoreSalesTariffs = (getCommSessionContext().isTlsConnection() && !salesTariffSignatureAvailable) ? true : false;
short ignoredSalesTariffs = 0;
HashMap<String, byte[]> verifyXMLSigRefElements = new HashMap<String, byte[]>();
List<SAScheduleTupleType> saScheduleTuples = saSchedules.getSAScheduleTuple();
int salesTariffCounter = 0;
for (SAScheduleTupleType saScheduleTuple : saScheduleTuples) {
// verification regards only sales tariffs, not PMaxSchedules
if (saScheduleTuple.getSalesTariff() == null) continue;
// Check if signature is given during TLS communication. If no signature is given, delete SalesTariff
if (ignoreSalesTariffs) {
ignoredSalesTariffs++;
saScheduleTuple.setSalesTariff(null);
continue;
}
salesTariffCounter++;
verifyXMLSigRefElements.put(
saScheduleTuple.getSalesTariff().getId(),
SecurityUtils.generateDigest(saScheduleTuple.getSalesTariff()));
}
if (salesTariffCounter > 0) {
X509Certificate moSubCA2Certificate = SecurityUtils.getMOSubCA2Certificate(
GlobalValues.EVCC_KEYSTORE_FILEPATH.toString());
if (moSubCA2Certificate == null) {
getLogger().error("No MOSubCA2 certificate found, signature of SalesTariff could therefore not be verified");
return false;
} else {
if (!SecurityUtils.verifySignature(signature, verifyXMLSigRefElements, moSubCA2Certificate)) {
getLogger().warn("Verification of SalesTariff failed using certificate with distinguished name '" +
moSubCA2Certificate.getSubjectX500Principal().getName() + "'");
return false;
}
}
}
if (ignoredSalesTariffs > 0) {
getLogger().info("SalesTariffs could not be verified because of missing signature and will therefore be ignored");
return false;
}
return true;
}
/**
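* If the signature of one or more sales tariffs cannot be verified, then the sales tariffs should be ignored
* rather than terminating the charge process. The charge process can then proceed based solely on the
* PMaxSchedule. Note that the SalesTariff is removed from every schedule tuple in the list, not only from
* the tuples whose signature could not be verified.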
*
* @param saSchedules The schedule(s) from the secondary actor including PMaxSchedule and potential SalesTariff
* elements.
*/
private void deleteUnverifiedSalesTariffs(SAScheduleListType saSchedules) {
    // Clear the SalesTariff on every tuple of the passed-in list, not only on the ones whose
    // signature check failed, so that no unverified tariff data is left on any of them.
    List<SAScheduleTupleType> tuples = saSchedules.getSAScheduleTuple();
    for (int idx = 0; idx < tuples.size(); idx++) {
        // The tuple itself stays in the list; only its SalesTariff reference is set to null.
        tuples.get(idx).setSalesTariff(null);
    }
}
}