Merge pull request #28 from poohsen/master

make signature of encryptContractCertPrivateKey more specific
2019-02-09 18:08:08 +01:00 · 2019-02-09 18:08:08 +01:00 · 950e27d5af
parent cd7ea29fda 5c1c2428ce
commit 950e27d5af
4 changed files with 9 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -18,3 +18,5 @@ RISE-V2G-SECC/cpsCertChain.p12
 RISE-V2G-SECC/moCertChain.p12
 /.metadata/
 /.recommenders/
+.idea
+*.iml
--- a/RISE-V2G-SECC/src/main/java/com/v2gclarity/risev2g/secc/states/WaitForCertificateInstallationReq.java
+++ b/RISE-V2G-SECC/src/main/java/com/v2gclarity/risev2g/secc/states/WaitForCertificateInstallationReq.java
@ -25,6 +25,7 @@ package com.v2gclarity.risev2g.secc.states;

 import java.security.KeyPair;
 import java.security.cert.X509Certificate;
+import java.security.interfaces.ECPrivateKey;
 import java.security.interfaces.ECPublicKey;
 import java.util.HashMap;

@ -76,7 +77,7 @@ public class WaitForCertificateInstallationReq extends ServerState  {
 				ContractSignatureEncryptedPrivateKeyType encryptedContractCertPrivateKey = 
 						SecurityUtils.encryptContractCertPrivateKey(
 								(ECPublicKey) SecurityUtils.getCertificate(certificateInstallationReq.getOEMProvisioningCert()).getPublicKey(),
-								ecKeyPair,
+								(ECPrivateKey) ecKeyPair.getPrivate(),
 								getCommSessionContext().getBackendInterface().getContractCertificatePrivateKey());
 				
 				certificateInstallationRes.setContractSignatureCertChain(saContractCertificateChain);
--- a/RISE-V2G-SECC/src/main/java/com/v2gclarity/risev2g/secc/states/WaitForCertificateUpdateReq.java
+++ b/RISE-V2G-SECC/src/main/java/com/v2gclarity/risev2g/secc/states/WaitForCertificateUpdateReq.java
@ -24,6 +24,7 @@
 package com.v2gclarity.risev2g.secc.states;

 import java.security.KeyPair;
+import java.security.interfaces.ECPrivateKey;
 import java.security.interfaces.ECPublicKey;
 import java.util.HashMap;

@ -72,7 +73,7 @@ public class WaitForCertificateUpdateReq extends ServerState  {
 				ContractSignatureEncryptedPrivateKeyType encryptedContractCertPrivateKey = 
 						SecurityUtils.encryptContractCertPrivateKey(
 								(ECPublicKey) SecurityUtils.getCertificate(certificateUpdateReq.getContractSignatureCertChain().getCertificate()).getPublicKey(),
-								ecdhKeyPair,
+								(ECPrivateKey) ecdhKeyPair.getPrivate(),
 								getCommSessionContext().getBackendInterface().getContractCertificatePrivateKey());
 				
 				/*
--- a/RISE-V2G-Shared/src/main/java/com/v2gclarity/risev2g/shared/utils/SecurityUtils.java
+++ b/RISE-V2G-Shared/src/main/java/com/v2gclarity/risev2g/shared/utils/SecurityUtils.java
@ -1381,16 +1381,16 @@ public final class SecurityUtils {
     * @param certificateECPublicKey The public key of either the OEM provisioning certificate (in case of 
     * 								 CertificateInstallation) or the to be updated contract certificate
     * 								 (in case of CertificateUpdate)
-     * @param ecKeyPair The EC keypair
+     * @param dhPrivateKey The DH private key
     * @param contractCertPrivateKey The private key of the contract certificate
     * @return The encrypted private key of the to be installed contract certificate
     */
 	public static ContractSignatureEncryptedPrivateKeyType encryptContractCertPrivateKey(
 			ECPublicKey certificateECPublicKey, 
-			KeyPair ecKeyPair,
+			ECPrivateKey dhPrivateKey,
 			ECPrivateKey contractCertPrivateKey) {
 		// Generate the shared secret by using the public key of either OEMProvCert or ContractCert
-		byte[] sharedSecret = generateSharedSecret((ECPrivateKey) ecKeyPair.getPrivate(), certificateECPublicKey);
+		byte[] sharedSecret = generateSharedSecret(dhPrivateKey, certificateECPublicKey);
 		
 		if (sharedSecret == null) {
 			getLogger().error("Shared secret could not be generated");