fix: add structure to EvseV2G

use subdirectories to help collect common functionality and provide structure to the module. OpenSSL TLS moved to common area since it is not tied to EvseV2G. Signed-off-by: James Chapman <[email protected]>
EVerest · Jun 20, 2024 · d469080 · d469080
1 parent c4c1366
commit d469080
Show file tree

Hide file tree

Showing 19 changed files with 78 additions and 75 deletions.
diff --git a/config/config-sil-dc.yaml b/config/config-sil-dc.yaml
@@ -14,7 +14,6 @@ active_modules:
       device: auto
       supported_DIN70121: true
       supported_ISO15118_2: true
-      tls_active: true
   evse_manager:
     module: EvseManager
     config_module:
@@ -27,7 +26,6 @@ active_modules:
       session_logging_path: /tmp/everest-logs
       charge_mode: DC
       hack_allow_bpt_with_iso2: true
-      payment_enable_contract: false
     connections:
       bsp:
         - module_id: yeti_driver
@@ -91,7 +89,7 @@ active_modules:
       evse_manager:
         - module_id: evse_manager
           implementation_id: evse
-  token_provider:
+  token_provider: 
     module: DummyTokenProvider
     config_implementation:
       main:

diff --git a/lib/staging/CMakeLists.txt b/lib/staging/CMakeLists.txt
@@ -1,5 +1,6 @@
 add_subdirectory(can_dpm1000)
 add_subdirectory(evse_security)
+add_subdirectory(tls)
 if(EVEREST_DEPENDENCY_ENABLED_LIBSLAC AND EVEREST_DEPENDENCY_ENABLED_LIBFSM)
     add_subdirectory(slac)
 endif()

diff --git a/lib/staging/tls/CMakeLists.txt b/lib/staging/tls/CMakeLists.txt
@@ -0,0 +1,22 @@
+add_library(tls STATIC)
+add_library(everest::tls ALIAS tls)
+
+find_package(OpenSSL)
+
+target_sources(tls
+    PRIVATE
+        openssl_util.cpp
+        tls.cpp
+)
+
+target_include_directories(tls
+    PUBLIC
+    $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}>
+)
+
+target_link_libraries(tls
+    PUBLIC
+        OpenSSL::SSL
+        OpenSSL::Crypto
+        everest::framework
+)
diff --git a/modules/EvseV2G/openssl_util.cpp → lib/staging/tls/openssl_util.cpp b/modules/EvseV2G/openssl_util.cpp → lib/staging/tls/openssl_util.cpp
@@ -356,39 +356,39 @@ Certificate_ptr der_to_certificate(const std::uint8_t* der, std::size_t len) {
     return result;
 }
 
-crypto::verify_result_t verify_certificate(const x509_st* cert, const CertificateList& trust_anchors,
-                                           const CertificateList& untrusted) {
-    crypto::verify_result_t result = crypto::verify_result_t::verified;
+verify_result_t verify_certificate(const x509_st* cert, const CertificateList& trust_anchors,
+                                   const CertificateList& untrusted) {
+    verify_result_t result = verify_result_t::verified;
     auto* store_ctx = X509_STORE_CTX_new();
     auto* ta_store = X509_STORE_new();
     auto* chain = sk_X509_new_null();
     X509* target{nullptr};
 
     if (store_ctx == nullptr) {
         log_error("X509_STORE_CTX_new");
-        result = crypto::verify_result_t::OtherError;
+        result = verify_result_t::OtherError;
     }
 
     if (ta_store == nullptr) {
         log_error("X509_STORE_new");
-        result = crypto::verify_result_t::OtherError;
+        result = verify_result_t::OtherError;
     }
 
     if (chain == nullptr) {
         log_error("sk_X509_new_null");
-        result = crypto::verify_result_t::OtherError;
+        result = verify_result_t::OtherError;
     }
 
     if (cert != nullptr) {
         target = X509_dup(cert);
         if (target == nullptr) {
             log_error("X509_dup");
-            result = crypto::verify_result_t::OtherError;
+            result = verify_result_t::OtherError;
         }
     }
 
-    if (result == crypto::verify_result_t::verified) {
-        result = crypto::verify_result_t::OtherError;
+    if (result == verify_result_t::verified) {
+        result = verify_result_t::OtherError;
 
         for (const auto& i : trust_anchors) {
             if (X509_STORE_add_cert(ta_store, i.get()) != 1) {
@@ -420,24 +420,24 @@ crypto::verify_result_t verify_certificate(const x509_st* cert, const Certificat
                 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
                 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
                 case X509_V_ERR_UNSPECIFIED:
-                    result = crypto::verify_result_t::CertChainError;
+                    result = verify_result_t::CertChainError;
                     break;
                 case X509_V_ERR_CERT_HAS_EXPIRED:
                 case X509_V_ERR_CERT_NOT_YET_VALID:
-                    result = crypto::verify_result_t::CertificateExpired;
+                    result = verify_result_t::CertificateExpired;
                     break;
                 case X509_V_ERR_CERT_REVOKED:
-                    result = crypto::verify_result_t::CertificateRevoked;
+                    result = verify_result_t::CertificateRevoked;
                     break;
                 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
                 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
-                    result = crypto::verify_result_t::NoCertificateAvailable;
+                    result = verify_result_t::NoCertificateAvailable;
                     break;
                 default:
                     break;
                 }
             } else {
-                result = crypto::verify_result_t::verified;
+                result = verify_result_t::verified;
             }
         }
     }

diff --git a/modules/EvseV2G/openssl_util.hpp → lib/staging/tls/openssl_util.hpp b/modules/EvseV2G/openssl_util.hpp → lib/staging/tls/openssl_util.hpp
@@ -14,13 +14,20 @@
 #include <tuple>
 #include <vector>
 
-#include <crypto_common.hpp>
-
 struct evp_pkey_st;
 struct x509_st;
 
 namespace openssl {
 
+enum class verify_result_t : std::uint8_t {
+    verified,
+    CertChainError,
+    CertificateExpired,
+    CertificateRevoked,
+    NoCertificateAvailable,
+    OtherError,
+};
+
 constexpr std::size_t signature_size = 64;
 constexpr std::size_t signature_n_size = 32;
 constexpr std::size_t signature_der_size = 128;
@@ -200,8 +207,8 @@ Certificate_ptr der_to_certificate(const std::uint8_t* der, std::size_t len);
  * \param[in] untrusted intermediate CAs needed to form a chain from the leaf
  *            certificate to one of the supplied trust anchors
  */
-crypto::verify_result_t verify_certificate(const x509_st* cert, const CertificateList& trust_anchors,
-                                           const CertificateList& untrusted);
+verify_result_t verify_certificate(const x509_st* cert, const CertificateList& trust_anchors,
+                                   const CertificateList& untrusted);
 
 /**
  * \brief extract the certificate subject as a dictionary of name/value pairs

diff --git a/modules/EvseV2G/tls.cpp → lib/staging/tls/tls.cpp b/modules/EvseV2G/tls.cpp → lib/staging/tls/tls.cpp
diff --git a/modules/EvseV2G/tls.hpp → lib/staging/tls/tls.hpp b/modules/EvseV2G/tls.hpp → lib/staging/tls/tls.hpp
diff --git a/modules/EvseV2G/CMakeLists.txt b/modules/EvseV2G/CMakeLists.txt
@@ -29,11 +29,15 @@ target_sources(${MODULE_NAME}
 # ev@c55432ab-152c-45a9-9d2e-7281d50c69c3:v1
 # Add pkg-config functionality
 find_package(PkgConfig REQUIRED)
-find_package(OpenSSL)
 
 # search for libevent.pc
 pkg_search_module(EVENT REQUIRED libevent)
 
+target_include_directories(${MODULE_NAME} PRIVATE
+    crypto
+    connection
+)
+
 target_link_libraries(${MODULE_NAME} PUBLIC ${EVENT_LIBRARIES} -levent -lpthread -levent_pthreads)
 
 target_link_libraries(${MODULE_NAME}
@@ -43,8 +47,8 @@ target_link_libraries(${MODULE_NAME}
 
 target_sources(${MODULE_NAME}
     PRIVATE
-        "connection.cpp"
-        "crypto_common.cpp"
+        "connection/connection.cpp"
+        "crypto/crypto_common.cpp"
         "din_server.cpp"
         "iso_server.cpp"
         "log.cpp"
@@ -55,6 +59,9 @@ target_sources(${MODULE_NAME}
 )
 
 if(USING_MBED_TLS)
+target_include_directories(${MODULE_NAME} PRIVATE
+        ../../lib/staging/tls
+)
 target_link_libraries(${MODULE_NAME}
     PRIVATE
         mbedcrypto
@@ -63,20 +70,17 @@ target_link_libraries(${MODULE_NAME}
 )
 target_sources(${MODULE_NAME}
     PRIVATE
-        "crypto_mbedtls.cpp"
+        "crypto/crypto_mbedtls.cpp"
 )
 else()
 target_link_libraries(${MODULE_NAME}
     PRIVATE
-        OpenSSL::SSL
-        OpenSSL::Crypto
+        everest::tls
 )
 target_sources(${MODULE_NAME}
     PRIVATE
-        "crypto_openssl.cpp"
-        "openssl_util.cpp"
-        "tls.cpp"
-        "tls_connection.cpp"
+        "crypto/crypto_openssl.cpp"
+        "connection/tls_connection.cpp"
 )
 endif()
 

diff --git a/modules/EvseV2G/connection.cpp → modules/EvseV2G/connection/connection.cpp b/modules/EvseV2G/connection.cpp → modules/EvseV2G/connection/connection.cpp
diff --git a/modules/EvseV2G/connection.hpp → modules/EvseV2G/connection/connection.hpp b/modules/EvseV2G/connection.hpp → modules/EvseV2G/connection/connection.hpp
diff --git a/modules/EvseV2G/tls_connection.cpp → ...les/EvseV2G/connection/tls_connection.cpp b/modules/EvseV2G/tls_connection.cpp → ...les/EvseV2G/connection/tls_connection.cpp
diff --git a/modules/EvseV2G/tls_connection.hpp → ...les/EvseV2G/connection/tls_connection.hpp b/modules/EvseV2G/tls_connection.hpp → ...les/EvseV2G/connection/tls_connection.hpp
diff --git a/modules/EvseV2G/crypto_common.cpp → modules/EvseV2G/crypto/crypto_common.cpp b/modules/EvseV2G/crypto_common.cpp → modules/EvseV2G/crypto/crypto_common.cpp
diff --git a/modules/EvseV2G/crypto_common.hpp → modules/EvseV2G/crypto/crypto_common.hpp b/modules/EvseV2G/crypto_common.hpp → modules/EvseV2G/crypto/crypto_common.hpp
@@ -6,11 +6,15 @@
 
 #include <cstdint>
 
+#include <openssl_util.hpp>
+
 struct iso1SignedInfoType;
 struct xmldsigSignedInfoType;
 
 namespace crypto {
 
+using verify_result_t = openssl::verify_result_t;
+
 /*!
  * \brief convertIso1ToXmldsigSignedInfoType This function copies V2G iso1SignedInfoType struct into
  * xmldsigSignedInfoType struct type
@@ -20,18 +24,6 @@ namespace crypto {
 void convertIso1ToXmldsigSignedInfoType(struct xmldsigSignedInfoType* xmld_sig_signed_info,
                                         const struct iso1SignedInfoType* iso1_signed_info);
 
-/*!
- * \brief verification result
- */
-enum class verify_result_t : std::uint8_t {
-    verified,
-    CertChainError,
-    CertificateExpired,
-    CertificateRevoked,
-    NoCertificateAvailable,
-    OtherError,
-};
-
 } // namespace crypto
 
 #endif // CRTYPTO_COMMON_HPP_
diff --git a/modules/EvseV2G/crypto_mbedtls.cpp → modules/EvseV2G/crypto/crypto_mbedtls.cpp b/modules/EvseV2G/crypto_mbedtls.cpp → modules/EvseV2G/crypto/crypto_mbedtls.cpp
diff --git a/modules/EvseV2G/crypto_mbedtls.hpp → modules/EvseV2G/crypto/crypto_mbedtls.hpp b/modules/EvseV2G/crypto_mbedtls.hpp → modules/EvseV2G/crypto/crypto_mbedtls.hpp
diff --git a/modules/EvseV2G/crypto_openssl.cpp → modules/EvseV2G/crypto/crypto_openssl.cpp b/modules/EvseV2G/crypto_openssl.cpp → modules/EvseV2G/crypto/crypto_openssl.cpp
diff --git a/modules/EvseV2G/crypto_openssl.hpp → modules/EvseV2G/crypto/crypto_openssl.hpp b/modules/EvseV2G/crypto_openssl.hpp → modules/EvseV2G/crypto/crypto_openssl.hpp
diff --git a/modules/EvseV2G/tests/CMakeLists.txt b/modules/EvseV2G/tests/CMakeLists.txt
@@ -8,7 +8,7 @@ add_executable(${TLS_GTEST_NAME})
 add_dependencies(${TLS_GTEST_NAME} generate_cpp_files)
 
 target_include_directories(${TLS_GTEST_NAME} PRIVATE
-    . ..
+    . .. ../crypto
     ${GENERATED_INCLUDE_DIR}
     ${CMAKE_BINARY_DIR}/generated/modules/${MODULE_NAME}
 )
@@ -20,18 +20,15 @@ target_compile_definitions(${TLS_GTEST_NAME} PRIVATE
 target_sources(${TLS_GTEST_NAME} PRIVATE
     gtest_main.cpp
     log.cpp
-    openssl_util_test.cpp
-    ../crypto_common.cpp
-    ../crypto_openssl.cpp
-    ../openssl_util.cpp
+    ../crypto/crypto_common.cpp
+    ../crypto/crypto_openssl.cpp
 )
 
 target_link_libraries(${TLS_GTEST_NAME} PRIVATE
-    OpenSSL::SSL
-    OpenSSL::Crypto
     GTest::gtest
     everest::openv2g
     everest::framework
+    everest::tls
 )
 
 set(TLS_MAIN_NAME tls_test)
@@ -47,13 +44,10 @@ target_compile_definitions(${TLS_MAIN_NAME} PRIVATE
 
 target_sources(${TLS_MAIN_NAME} PRIVATE
     tls_main.cpp
-    ../openssl_util.cpp
-    ../tls.cpp
 )
 
 target_link_libraries(${TLS_MAIN_NAME} PRIVATE
-    OpenSSL::SSL
-    OpenSSL::Crypto
+    everest::tls
 )
 
 set(V2G_MAIN_NAME v2g_test)
@@ -62,21 +56,20 @@ add_executable(${V2G_MAIN_NAME})
 add_dependencies(${V2G_MAIN_NAME} generate_cpp_files)
 
 target_include_directories(${V2G_MAIN_NAME} PRIVATE
-    . .. ../../../tests/include
+    . .. ../connection ../../../tests/include
     ${GENERATED_INCLUDE_DIR}
     ${CMAKE_BINARY_DIR}/generated/modules/${MODULE_NAME}
     ${CMAKE_BINARY_DIR}/generated/include
 )
 
 target_compile_definitions(${V2G_MAIN_NAME} PRIVATE
     -DUNIT_TEST
+
 )
 
 target_sources(${V2G_MAIN_NAME} PRIVATE
-    ../connection.cpp
-    ../openssl_util.cpp
-    ../tls.cpp
-    ../tls_connection.cpp
+    ../connection/connection.cpp
+    ../connection/tls_connection.cpp
     ../tools.cpp
     ../v2g_ctx.cpp
     log.cpp
@@ -85,14 +78,10 @@ target_sources(${V2G_MAIN_NAME} PRIVATE
 )
 
 target_link_libraries(${V2G_MAIN_NAME} PRIVATE
-    OpenSSL::SSL
-    OpenSSL::Crypto
     everest::log
     everest::framework
     everest::openv2g
-    mbedcrypto
-    mbedtls
-    mbedx509
+    everest::tls
     -levent -lpthread -levent_pthreads
 )
 
@@ -110,14 +99,4 @@ install(
     DESTINATION "${CMAKE_CURRENT_BINARY_DIR}"
 )
 
-# should be a better way!!!
-if(USING_MBED_TLS)
-target_compile_definitions(${TLS_MAIN_NAME} PRIVATE
-    EVEREST_MBED_TLS
-)
-target_compile_definitions(${V2G_MAIN_NAME} PRIVATE
-    EVEREST_MBED_TLS
-)
-endif()
-
-# add_test(${TEST_TARGET_NAME} ${TEST_TARGET_NAME})
+add_test(${TLS_GTEST_NAME} ${TLS_GTEST_NAME})