Handler for security related operations of the charging station. More...
#include <evse_security.hpp>
Public Member Functions | |
| virtual InstallCertificateResult | install_ca_certificate (const std::string &certificate, const CaCertificateType &certificate_type)=0 |
Installs the CA certificate for the given certificate_type . This function respects the requirements of OCPP specified for the CSMS initiated message InstallCertificate.req . More... | |
| virtual DeleteCertificateResult | delete_certificate (const CertificateHashDataType &certificate_hash_data)=0 |
Deletes the certificate specified by certificate_hash_data . This function respects the requirements of OCPP specified for the CSMS initiated message DeleteCertificate.req. More... | |
| virtual InstallCertificateResult | update_leaf_certificate (const std::string &certificate_chain, const CertificateSigningUseEnum &certificate_type)=0 |
Verifies the given certificate_chain for the given certificate_type using the respective CA certificates for the leaf and if valid installs the certificate. Before installing the certificate, this function checks if a private key is present for the given certificate. This function respects the requirements of OCPP specified for the CSMS initiated message CertificateSigned.req . More... | |
| virtual CertificateValidationResult | verify_certificate (const std::string &certificate_chain, const LeafCertificateType &certificate_type)=0 |
Verifies the given certificate_chain for the given certificate_type against the respective CA certificates for the leaf according to the requirements specified in OCPP. More... | |
| virtual std::vector< CertificateHashDataChain > | get_installed_certificates (const std::vector< CertificateType > &certificate_types)=0 |
Retrieves all certificates installed on the filesystem applying the certificate_types filter. This function respects the requirements of OCPP specified for the CSMS initiated message GetInstalledCertificateIds.req . More... | |
| virtual std::vector< OCSPRequestData > | get_v2g_ocsp_request_data ()=0 |
| Retrieves the OCSP request data of the V2G certificates (exluding the root). This function respects the requirements of OCPP specified for the CSMS initiated message GetCertificateStatus.req . More... | |
| virtual std::vector< OCSPRequestData > | get_mo_ocsp_request_data (const std::string &certificate_chain)=0 |
| Retrieves the OCSP request data of a certificate chain. More... | |
| virtual void | update_ocsp_cache (const CertificateHashDataType &certificate_hash_data, const std::string &ocsp_response)=0 |
Updates the OCSP cache for the given certificate_hash_data with the given ocsp_response. More... | |
| virtual bool | is_ca_certificate_installed (const CaCertificateType &certificate_type)=0 |
Indicates if a CA certificate for the given certificate_type is installed on the filesystem. More... | |
| virtual GetCertificateSignRequestResult | generate_certificate_signing_request (const CertificateSigningUseEnum &certificate_type, const std::string &country, const std::string &organization, const std::string &common, bool use_tpm)=0 |
Generates a certificate signing request for the given certificate_type , country , organization and common , uses the TPM if use_tpm is true. More... | |
| virtual GetCertificateInfoResult | get_leaf_certificate_info (const CertificateSigningUseEnum &certificate_type, bool include_ocsp=false)=0 |
Searches the filesystem on the specified directories for the given certificate_type and retrieves the most recent certificate that is already valid and the respective key. If no certificate is present or no key is matching the certificate, this function returns a GetKeyPairStatus other than "Accepted". The function update_leaf_certificate will install two files for each leaf, one containing the single leaf and one containing the leaf including any possible SUBCAs. More... | |
| virtual bool | update_certificate_links (const CertificateSigningUseEnum &certificate_type)=0 |
Updates the certificate and key links for the given certificate_type. More... | |
| virtual std::string | get_verify_file (const CaCertificateType &certificate_type)=0 |
Retrieves the PEM formatted CA bundle file for the given certificate_type. More... | |
| virtual std::string | get_verify_location (const CaCertificateType &certificate_type)=0 |
Retrieves the PEM formatted CA bundle location for the given certificate_type. More... | |
| virtual int | get_leaf_expiry_days_count (const CertificateSigningUseEnum &certificate_type)=0 |
Gets the expiry day count for the leaf certificate of the given certificate_type. More... | |
Detailed Description
Handler for security related operations of the charging station.
Member Function Documentation
◆ delete_certificate()
|
pure virtual |
Deletes the certificate specified by certificate_hash_data . This function respects the requirements of OCPP specified for the CSMS initiated message DeleteCertificate.req.
- Parameters
-
certificate_hash_data specifies the certificate to be deleted
- Returns
- result of the operation
Implemented in ocpp::EvseSecurityImpl.
◆ generate_certificate_signing_request()
|
pure virtual |
Generates a certificate signing request for the given certificate_type , country , organization and common , uses the TPM if use_tpm is true.
- Parameters
-
certificate_type country organization common use_tpm If the TPM should be used for the CSR request
- Returns
- the status and an optional PEM formatted certificate signing request string
Implemented in ocpp::EvseSecurityImpl.
◆ get_installed_certificates()
|
pure virtual |
Retrieves all certificates installed on the filesystem applying the certificate_types filter. This function respects the requirements of OCPP specified for the CSMS initiated message GetInstalledCertificateIds.req .
- Parameters
-
certificate_types
- Returns
- contains the certificate hash data chains of the requested
certificate_types
Implemented in ocpp::EvseSecurityImpl.
◆ get_leaf_certificate_info()
|
pure virtual |
Searches the filesystem on the specified directories for the given certificate_type and retrieves the most recent certificate that is already valid and the respective key. If no certificate is present or no key is matching the certificate, this function returns a GetKeyPairStatus other than "Accepted". The function update_leaf_certificate will install two files for each leaf, one containing the single leaf and one containing the leaf including any possible SUBCAs.
- Parameters
-
certificate_type type of the leaf certificate include_ocsp if OCSP data should be included
- Returns
- contains response result, with info related to the certificate chain and response status
Implemented in ocpp::EvseSecurityImpl.
◆ get_leaf_expiry_days_count()
|
pure virtual |
Gets the expiry day count for the leaf certificate of the given certificate_type.
- Parameters
-
certificate_type
- Returns
- day count until the leaf certificate expires
Implemented in ocpp::EvseSecurityImpl.
◆ get_mo_ocsp_request_data()
|
pure virtual |
Retrieves the OCSP request data of a certificate chain.
- Parameters
-
certificate_chain PEM formatted certificate or certificate chain certificate_type type of the leaf certificate
- Returns
- contains OCSP request data
Implemented in ocpp::EvseSecurityImpl.
◆ get_v2g_ocsp_request_data()
|
pure virtual |
Retrieves the OCSP request data of the V2G certificates (exluding the root). This function respects the requirements of OCPP specified for the CSMS initiated message GetCertificateStatus.req .
- Returns
- contains OCSP request data
Implemented in ocpp::EvseSecurityImpl.
◆ get_verify_file()
|
pure virtual |
Retrieves the PEM formatted CA bundle file for the given certificate_type.
- Parameters
-
certificate_type
- Returns
- CA certificate file
Implemented in ocpp::EvseSecurityImpl.
◆ get_verify_location()
|
pure virtual |
Retrieves the PEM formatted CA bundle location for the given certificate_type.
- Parameters
-
certificate_type
- Returns
- CA certificate file
Implemented in ocpp::EvseSecurityImpl.
◆ install_ca_certificate()
|
pure virtual |
Installs the CA certificate for the given certificate_type . This function respects the requirements of OCPP specified for the CSMS initiated message InstallCertificate.req .
- Parameters
-
certificate PEM formatted CA certificate certificate_type specifies the CA certificate type
- Returns
- result of the operation
Implemented in ocpp::EvseSecurityImpl.
◆ is_ca_certificate_installed()
|
pure virtual |
Indicates if a CA certificate for the given certificate_type is installed on the filesystem.
- Parameters
-
certificate_type
- Returns
- true if CA certificate is present, else false
Implemented in ocpp::EvseSecurityImpl.
◆ update_certificate_links()
|
pure virtual |
Updates the certificate and key links for the given certificate_type.
Implemented in ocpp::EvseSecurityImpl.
◆ update_leaf_certificate()
|
pure virtual |
Verifies the given certificate_chain for the given certificate_type using the respective CA certificates for the leaf and if valid installs the certificate. Before installing the certificate, this function checks if a private key is present for the given certificate. This function respects the requirements of OCPP specified for the CSMS initiated message CertificateSigned.req .
- Parameters
-
certificate_chain PEM formatted certificate or certificate chain certificate_type type of the leaf certificate
- Returns
- result of the operation
Implemented in ocpp::EvseSecurityImpl.
◆ update_ocsp_cache()
|
pure virtual |
Updates the OCSP cache for the given certificate_hash_data with the given ocsp_response.
- Parameters
-
certificate_hash_data identifies the certificate for which the ocsp_responseis specifiedocsp_response the actual OCSP data
Implemented in ocpp::EvseSecurityImpl.
◆ verify_certificate()
|
pure virtual |
Verifies the given certificate_chain for the given certificate_type against the respective CA certificates for the leaf according to the requirements specified in OCPP.
- Parameters
-
certificate_chain PEM formatted certificate or certificate chain certificate_type type of the leaf certificate
- Returns
- result of the operation
Implemented in ocpp::EvseSecurityImpl.
The documentation for this class was generated from the following file:
- include/ocpp/common/evse_security.hpp
