- Changed package name from org.v2gclarity.risev2g to com.v2gclarity.risev2g
- Changed pom.xml and bin.xml files for creating deployable .jar files with Maven
- Added RISE-V2G-Parent project folder for Maven to facilitate an easy build process that has now be reworked in this version
- Added copyNewCertsAndKeys.bat and generateCertificates.bat to RISE-V2G-Certificates in order to port the already existing Unix shell scripts to Windows systems
- Corrected an error in V2GCommunicationSessionHandlerEVCC.java which ensures that the SDP procedure continues to work correctly even if there is a false SDP response coming from the SECC
- Changed the signature of the method generateDigest() (in SecurityUtils.java) to have more logging information about the ID of the element for which the digest is generated
- Made sure that the PreCharge timeout and CableCheck timeout are triggered exactly (there was a possible delay of 2s)
- Changed logging level of TCP server and client from debug to info
- Added debugging logging functionality with new EVCC and SECC property HexAndBase64RepresentationOfMessages which will log the hexadecimal and Base64 encoding of each message being sent
- Small change in log4j2.xml files enabling highlighting of logging level (you need to have ANSI Console installed in Eclipse IDE for this change to take effect)
- Shifted the process of reading the MO Sub-CA 2 private key from the keystore from the method getMOSubCA2PrivateKey to the constructor of DummyBackendInterface.java in order to avoid timeouts when processing the ChargeParameterDiscoveryReq on embedded devices
- Updated the EXIficient_V2G_CI_MsgDef.java (serialized version of the XSD grammar) as there was an bug before that caused an incomplete deserialization of an EXI byte stream to an XML message
- Updated log4j from 2.1 to 2.9
- Changed the way how JAXBElements are created due to particularities with the creation of the XML Reference elements for the CertificateInstallationRes and CertificateUpdateRes messages. The JAXBContext is now set exactly for the message or field that is to be marshaled into XML. As a result, the JAXBContext is no more set in the EXI codec, but in the MessageHandler
- SecurityUtils.java has been partly rewritten with regards to the verification of certificate chains. See also verifyCertificateChain(…) method.
- Requirement [V2G2-812] is not implemented.
- When the EVCC sends a message out of the correct order which would induce a FAILED_SequenceError message, the SECC now sends the response message corresponding to the request message sent by the EVCC instead of the response message corresponding to the message the SECC would expect. As a result, ServerState.java has partly been rewritten and all SECC states have been adapted to it.
- Charge parameter provided by ChargeParameterDisoveryReq message are now thoroughly checked by the SECC. See also verifyChargeParameter(…) method.
- Charging profile provided by PowerDeliveryReq message is now thoroughly checked by SECC. See also isChargingProfileValid(…) method.
- New enum class PKI is added to shared.enumerations package. Needed for certificate chain checks in SecurityUtils.java.
- Some bugfixes in V2GTPMessage so that headers are not checked correctly.
- Signature creation and verification has been fixed and works now properly. Has been tested against various industry OEMs and suppliers. SecurityUtils.java class was substantially revised as part of fixing the signature creation and verification process and extended signature logging
- Introduced a new abstract method setMandatoryFieldsForFailedRes() in ServerState which makes sure that for each response the mandatory fields are set properly according to the standard in case a FAILED response code is sent
- Introduced a fix in WaitForAuthorizationReq which makes sure that a possible challenge is only checked for if the chosen payment option is „Contract“ (and TLS is used)
- Saves now the payment option selected by the EVCC (in state WaitForPaymentServiceSelectionReq) in the SECCs communication session for later reference
- To avoid possible race conditions, the transport layer threads needed to be started AFTER the SECC session handler has been initialized. Otherwise the situation might occur that the UDPServer is receiving a UDP client packet and tries to access the MessageHandler object before this object has been created by the SECC session handler.
- generateCertificates.sh Shell-Script now includes variables to ease the setting of certificates’ validity periods. Renaming of some certificates (e.g. provLeaf.cert -> cpsLeaf.cert) and keys. All certificates are now also generated in DER encoded form. MOSubCA2 private key is now also created as a PKCS#8 DER encoded file as RISE V2G needs this format to read the private key from file and sign SalesTariffs.
- EVCCConfig.properties and SECCConfig.properties have additional property „SignatureVerificationLog“ which enables extended logging information to debug signature creation and verification processes
- Catched a (theoretically) possible ClassCastException in WaitForChargeParameterDiscoveryRes in case the EVCC signalizes an EnergyTransferMode (AC or DC) which does not fit to the EVSEChargeParameter sent by the SECC later on
- Made sure that by default the sum of the individual time intervals described in the PMaxSchedule and SalesTariff provided in the ChargeParameterDiscoveryRes message are equal to 24 hours as demanded by a requirement.
- Renaming of some methods in IBackendInterface for clarity and consistency
- Provided a correctly formatted EVSE-ID in DummyACEVSEController and DummyDCEVSEController
- Corrected the service name of CertificateUpdate service and CertificateInstallation service to „Service“ according to the standard
- Edited GlobalValues so that the string value returned for each global value only needs to be edited once in this file (less error prone)
- A failed verification of received sales tariff (in ChargeParameterDiscoveryRes) does not lead any more to the termination of the communication session, but to just ignoring the sales tariff so that the charge process itself can still continue.
- Additional check if TLS is used when selecting a payment option from the offered list of payment options. If the SECC is offering a contract-based payment although no TLS is used (in this case the SECC shall not offer contract-based payment after all), the EVCC will not select 'CONTRACT' any more but 'EIM' instead.
- The received private key of the contract certificate (upon receipt of CertificateInstallationRes/CertificateUpdateRes) is first checked according to [V2G2-823] before saving the private key. If the check fails, the contract certificate and private key will not be safed (BUT: check is not complete, additional help with ECC mechanisms might be needed).
- All other files: Just the slight modification of the copyright header (which has been done in the master branch, but not the developer branch)
- added ResponseCode 'OK_CertificateExpiresSoon' on SECC side when receiving ContractCertificate with PaymentDetailsReq
- modified TLSClient to initiate TLS handshake right when initializing TLSClient (instead of when sending first message), thus enabling the check for the correct domain component "CPO" of the SECC certificate
- validates now provisioning certificate chain and checks for correct domain component "CPS" of provisioning leaf certificate
- added SecurityUtils function to get contract certificate from EVCC keystore
- added SecurityUtils function to get validity period of contract certificate
- added SecurityUtils function to also check for correct domain component when checking validity of certificate
- implemented a correct check if certificate update or installation is needed upon receiving PaymentServiceSelectionRes on EVCC side
Marc Mültin
Marc Mültin