citrineos-core icon indicating copy to clipboard operation
citrineos-core copied to clipboard

Published 20 hours ago verified publisher icon citrineos

Certificate Part 1: Integrate CA Server Client

Open lydiazcheng opened this issue 10 months ago • 0 comments

Changes

  • Add CA client interfaces
    • IV2GCertificateAuthorityClient
    • IChargingStationCertificateAuthorityClient
  • Add 2 Implementations of ca clients: Hubject, ACME (Let's encrypt)
    • Hubject: process V2G cert in A02
    • ACME: process Charging Station cert in A02. Also allow sign cert using Let's encrypt root ca cert. This function is used in PR: https://github.com/citrineos/citrineos-core/pull/77
  • Add new fields for ca clients in system config.
  • Add a CertificateAuthorityService which instantiates CA clients.
  • refactor _handleSignCertificate.
    • verify request and then accept or reject the request. (Currently this logic is commented out partially due to a OCTT failed test case)
    • sign csr and return a certificate chain (from leaf to sub ca cert except for root ca cert) to charger

Local Tests

Test case 1 sign v2g certificate by hubject and return a cert chain contain signed cert followed by 2 sub CAs. Screenshot 2024-05-02 at 9 14 40 AM Test case 2 sign charging station certificate by our sub CA and return a cert chain contain signed cert followed by the sub CA. (Change some code temperaly to only test the flow in A02 without testing a fully workable Profile 3 connection) Screenshot 2024-05-02 at 9 13 44 AM Test case 3 verify organization name in the csr Screenshot 2024-05-02 at 10 07 00 AM

lydiazcheng avatar Apr 22 '24 20:04 lydiazcheng