PentHertz
/
RISE-V2G
mirror of https://github.com/PentHertz/RISE-V2G.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

make signature of encryptContractCertPrivateKey more specific

This commit is contained in:
Christoph Zwirello 2018-11-15 12:18:13 +01:00
parent cc26d2a239
commit ebccfa5a06
5 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -18,3 +18,5 @@ RISE-V2G-SECC/cpsCertChain.p12
RISE-V2G-SECC/moCertChain.p12
/.metadata/
/.recommenders/
.idea
*.iml

3
RISE-V2G-SECC/src/main/java/com/v2gclarity/risev2g/secc/states/WaitForCertificateInstallationReq.java
View File

@ -25,6 +25,7 @@ package com.v2gclarity.risev2g.secc.states;
import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.util.HashMap;
@ -76,7 +77,7 @@ public class WaitForCertificateInstallationReq extends ServerState {
ContractSignatureEncryptedPrivateKeyType encryptedContractCertPrivateKey =
SecurityUtils.encryptContractCertPrivateKey(
(ECPublicKey) SecurityUtils.getCertificate(certificateInstallationReq.getOEMProvisioningCert()).getPublicKey(),
ecKeyPair,
(ECPrivateKey) ecKeyPair.getPrivate(),
getCommSessionContext().getBackendInterface().getContractCertificatePrivateKey());
certificateInstallationRes.setContractSignatureCertChain(saContractCertificateChain);

3
RISE-V2G-SECC/src/main/java/com/v2gclarity/risev2g/secc/states/WaitForCertificateUpdateReq.java
View File

@ -24,6 +24,7 @@
package com.v2gclarity.risev2g.secc.states;
import java.security.KeyPair;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.util.HashMap;
@ -72,7 +73,7 @@ public class WaitForCertificateUpdateReq extends ServerState {
ContractSignatureEncryptedPrivateKeyType encryptedContractCertPrivateKey =
SecurityUtils.encryptContractCertPrivateKey(
(ECPublicKey) SecurityUtils.getCertificate(certificateUpdateReq.getContractSignatureCertChain().getCertificate()).getPublicKey(),
ecdhKeyPair,
(ECPrivateKey) ecdhKeyPair.getPrivate(),
getCommSessionContext().getBackendInterface().getContractCertificatePrivateKey());
/*

6
RISE-V2G-Shared/src/main/java/com/v2gclarity/risev2g/shared/utils/SecurityUtils.java
View File

@ -1381,16 +1381,16 @@ public final class SecurityUtils {
* @param certificateECPublicKey The public key of either the OEM provisioning certificate (in case of
* CertificateInstallation) or the to be updated contract certificate
* (in case of CertificateUpdate)
* @param ecKeyPair The EC keypair
* @param dhPrivateKey The DH private key
* @param contractCertPrivateKey The private key of the contract certificate
* @return The encrypted private key of the to be installed contract certificate
*/
public static ContractSignatureEncryptedPrivateKeyType encryptContractCertPrivateKey(
ECPublicKey certificateECPublicKey,
KeyPair ecKeyPair,
ECPrivateKey dhPrivateKey,
ECPrivateKey contractCertPrivateKey) {
// Generate the shared secret by using the public key of either OEMProvCert or ContractCert
byte[] sharedSecret = generateSharedSecret((ECPrivateKey) ecKeyPair.getPrivate(), certificateECPublicKey);
byte[] sharedSecret = generateSharedSecret(dhPrivateKey, certificateECPublicKey);
if (sharedSecret == null) {
getLogger().error("Shared secret could not be generated");