Support for tpm CSR request (#489)

* Support for tpm CSR request

Signed-off-by: AssemblyJohn <[email protected]>

* Update dependencies
Bump version to 2023.12.0

Signed-off-by: Kai-Uwe Hermann <[email protected]>

---------

Signed-off-by: AssemblyJohn <[email protected]>
Signed-off-by: Kai-Uwe Hermann <[email protected]>
Co-authored-by: Kai-Uwe Hermann <[email protected]>

CMakeLists.txt

@@ -1,7 +1,7 @@
 cmake_minimum_required(VERSION 3.14.7)
 
 project(everest-core
-    VERSION 2023.10.0
+    VERSION 2023.12.0
     DESCRIPTION "The open operating system for e-mobility charging stations"
 	LANGUAGES CXX C
 )

dependencies.yaml

@@ -1,7 +1,7 @@
 ---
 everest-framework:
   git: https://github.com/EVerest/everest-framework.git
-  git_tag: a233ec8
+  git_tag: v0.9.0
   options: ["BUILD_TESTING OFF"]
 sigslot:
   git: https://github.com/palacaze/sigslot
@@ -41,11 +41,11 @@ libcurl:
 # OCPP
 libocpp:
   git: https://github.com/EVerest/libocpp.git
-  git_tag: "a6cd837"
+  git_tag: v0.9.6
 # Josev
 Josev:
   git: https://github.com/EVerest/ext-switchev-iso15118.git
-  git_tag: 928f678
+  git_tag: 2023.12.0
 # OpenV2G
 ext-openv2g:
   git: https://github.com/EVerest/ext-openv2g.git
@@ -61,9 +61,9 @@ ext-mbedtls:
 # everest-testing
 everest-utils:
   git: https://github.com/EVerest/everest-utils.git
-  git_tag: a054460
+  git_tag: v0.2.0
 # evse-security, since this is a direct dependency of libocpp it will get overwritten by the version set there
 # setting it here can be misleading since it does not affect the version being used
 libevse-security:
   git: https://github.com/EVerest/libevse-security.git
-  git_tag: v0.3.0
+  git_tag: v0.4.0

interfaces/evse_security.yaml

@@ -113,6 +113,9 @@ cmds:
       common:
         description: Specifies the common name (CN) of the certificate
         type: string
+      use_tpm:
+        description: Specifies if the CSR should store the private key on the TPM
+        type: boolean 
     result:
       description: The certificate signing request in PEM format
       type: string

lib/staging/ocpp/evse_security_ocpp.cpp

@@ -75,9 +75,9 @@ bool EvseSecurity::is_ca_certificate_installed(const ocpp::CaCertificateType& ce
 std::string EvseSecurity::generate_certificate_signing_request(const ocpp::CertificateSigningUseEnum& certificate_type,
                                                                const std::string& country,
                                                                const std::string& organization,
-                                                               const std::string& common) {
+                                                               const std::string& common, bool use_tpm) {
     return this->r_security.call_generate_certificate_signing_request(conversions::from_ocpp(certificate_type), country,
-                                                                      organization, common);
+                                                                      organization, common, use_tpm);
 }
 
 std::optional<ocpp::KeyPair> EvseSecurity::get_key_pair(const ocpp::CertificateSigningUseEnum& certificate_type) {

lib/staging/ocpp/evse_security_ocpp.hpp

@@ -33,7 +33,7 @@ class EvseSecurity : public ocpp::EvseSecurity {
     bool is_ca_certificate_installed(const ocpp::CaCertificateType& certificate_type) override;
     std::string generate_certificate_signing_request(const ocpp::CertificateSigningUseEnum& certificate_type,
                                                      const std::string& country, const std::string& organization,
-                                                     const std::string& common) override;
+                                                     const std::string& common, bool use_tpm) override;
     std::optional<ocpp::KeyPair> get_key_pair(const ocpp::CertificateSigningUseEnum& certificate_type) override;
     std::string get_verify_file(const ocpp::CaCertificateType& certificate_type) override;
     int get_leaf_expiry_days_count(const ocpp::CertificateSigningUseEnum& certificate_type) override;

modules/EvseSecurity/main/evse_securityImpl.cpp

@@ -78,9 +78,9 @@ bool evse_securityImpl::handle_is_ca_certificate_installed(types::evse_security:
 
 std::string evse_securityImpl::handle_generate_certificate_signing_request(
     types::evse_security::LeafCertificateType& certificate_type, std::string& country, std::string& organization,
-    std::string& common) {
+    std::string& common, bool& use_tpm) {
     return this->evse_security->generate_certificate_signing_request(conversions::from_everest(certificate_type),
-                                                                     country, organization, common);
+                                                                     country, organization, common, use_tpm);
 }
 
 types::evse_security::GetKeyPairResult

modules/EvseSecurity/main/evse_securityImpl.hpp

@@ -53,8 +53,8 @@ class evse_securityImpl : public evse_securityImplBase {
     virtual bool handle_is_ca_certificate_installed(types::evse_security::CaCertificateType& certificate_type) override;
     virtual std::string
     handle_generate_certificate_signing_request(types::evse_security::LeafCertificateType& certificate_type,
-                                                std::string& country, std::string& organization,
-                                                std::string& common) override;
+                                                std::string& country, std::string& organization, std::string& common,
+                                                bool& use_tpm) override;
     virtual types::evse_security::GetKeyPairResult
     handle_get_key_pair(types::evse_security::LeafCertificateType& certificate_type,
                         types::evse_security::EncodingFormat& encoding) override;