Merge pull request #27 from c-jimenez/releases/v0.4.0

Releases/v0.4.0

Author: c-jimenez

.github/workflows/c-cpp.yml

@@ -0,0 +1,23 @@
+name: C/C++ CI
+
+on:
+  push:
+    branches: [ develop ]
+  pull_request:
+    branches: [ develop ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: make gcc
+      run: make gcc-native
+    - name: unit tests gcc
+      run: make tests-gcc-native
+    - name: make clang
+      run: make clang-native
+    - name: unit tests clang
+      run: make tests-clang-native

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,69 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ develop ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ develop ]
+  schedule:
+    - cron: '40 18 * * 0'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'cpp' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://git.io/codeql-language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    # - name: Autobuild
+    #  uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    - run: |
+       make clang-native
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

CMakeLists.txt

@@ -10,6 +10,9 @@ project(OpenOCPP)
 include(CMakeLists_Options.txt)
 
 # Target toolchain definition and specific compiler flags
+if(NOT DEFINED TARGET)
+    set(TARGET native)
+endif()
 include(CMakeLists_${TARGET}.txt)
 
 # Subdirectories

examples/common/config/CentralSystemConfig.h

@@ -76,8 +76,6 @@ class CentralSystemConfig : public ocpp::config::ICentralSystemConfig
     std::string tlsServerCertificatePrivateKeyPassphrase() const override { return getString("TlsServerCertificatePrivateKeyPassphrase"); }
     /** @brief Certification Authority signing chain for the server certificate */
     std::string tlsServerCertificateCa() const override { return getString("TlsServerCertificateCa"); }
-    /** @brief Certification Authority signing chain for the clients certificates */
-    std::string tlsClientCertificateCa() const override { return getString("TlsClientCertificateCa"); }
     /** @brief Enable client authentication using certificate */
     bool tlsClientCertificateAuthent() const override { return getBool("TlsClientCertificateAuthent"); }
 

examples/common/config/ChargePointConfig.h

@@ -63,6 +63,14 @@ class ChargePointConfig : public ocpp::config::IChargePointConfig
     std::string tlsv13CipherList() const override { return getString("Tlsv13CipherList"); }
     /** @brief ECDH curve to use for TLS connections */
     std::string tlsEcdhCurve() const override { return getString("TlsEcdhCurve"); }
+    /** @brief Certification Authority signing chain for the server certificate */
+    std::string tlsServerCertificateCa() const override { return getString("TlsServerCertificateCa"); }
+    /** @brief Client certificate */
+    std::string tlsClientCertificate() const override { return getString("TlsClientCertificate"); }
+    /** @brief Client certificate's private key */
+    std::string tlsClientCertificatePrivateKey() const override { return getString("TlsClientCertificatePrivateKey"); }
+    /** @brief Client certificate's private key passphrase */
+    std::string tlsClientCertificatePrivateKeyPassphrase() const override { return getString("TlsClientCertificatePrivateKeyPassphrase"); }
     /** @brief Allow TLS connections using self-signed certificates
      *         (Warning : enabling this feature is not recommended in production) */
     bool tlsAllowSelfSignedCertificates() const override { return getBool("TlsAllowSelfSignedCertificates"); }

examples/quick_start_centralsystem/config/quick_start_centralsystem.ini

@@ -1,7 +1,7 @@
 [CentralSystem]
 DatabasePath=./quick_start_centralsystem.db
 JsonSchemasPath=../../schemas/ocpp16/
-ListenUrl=ws://127.0.0.1:8180/steve/websocket/CentralSystemService/
+ListenUrl=wss://127.0.0.1:8080/openocpp/
 CallRequestTimeout=2000
 WebSocketPingInterval=30
 BootNotificationRetryInterval=30
@@ -14,6 +14,5 @@ TlsServerCertificate=../../examples/certificates/open-ocpp_central-system.crt
 TlsServerCertificatePrivateKey=../../examples/certificates/open-ocpp_central-system.key
 TlsServerCertificatePrivateKeyPassphrase=
 TlsServerCertificateCa=../../examples/certificates/open-ocpp_ca.crt
-TlsClientCertificateCa=../../examples/certificates/open-ocpp_ca.crt
-TlsClientCertificateAuthent=false
+TlsClientCertificateAuthent=true
 LogMaxEntriesCount=2000

examples/quick_start_chargepoint/config/quick_start_chargepoint.ini

@@ -1,13 +1,17 @@
 [ChargePoint]
 DatabasePath=./quick_start_chargepoint.db
 JsonSchemasPath=../../schemas/ocpp16/
-ConnexionUrl=ws://127.0.0.1:8180/steve/websocket/CentralSystemService/
+ConnexionUrl=wss://127.0.0.1:8080/openocpp/
 Tlsv12CipherList=ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-WITH-AES-256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:TLS-PSK-WITH-AES-256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-WITH-AES-128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:TLS-PSK-WITH-AES-128-GCM-SHA256
 Tlsv13CipherList=TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384
 TlsEcdhCurve=prime256v1
-TlsAllowSelfSignedCertificates=true
-TlsAllowExpiredCertificates=true
-TlsAcceptNonTrustedCertificates=true
+TlsServerCertificateCa=../../examples/certificates/open-ocpp_ca.crt
+TlsClientCertificate=../../examples/certificates/open-ocpp_charge-point.crt
+TlsClientCertificatePrivateKey=../../examples/certificates/open-ocpp_charge-point.key
+TlsClientCertificatePrivateKeyPassphrase=
+TlsAllowSelfSignedCertificates=false
+TlsAllowExpiredCertificates=false
+TlsAcceptNonTrustedCertificates=false
 TlsSkipServerNameCheck=true
 ChargePointIdentifier=ChargePointTest
 ConnectionTimeout=2000

examples/remote_chargepoint/config/remote_chargepoint.ini

@@ -1,13 +1,17 @@
 [ChargePoint]
 DatabasePath=./remote_chargepoint.db
 JsonSchemasPath=../../schemas/ocpp16/
-ConnexionUrl=ws://127.0.0.1:8180/steve/websocket/CentralSystemService/
+ConnexionUrl=wss://127.0.0.1:8080/openocpp/
 Tlsv12CipherList=ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-WITH-AES-256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:TLS-PSK-WITH-AES-256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-WITH-AES-128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:TLS-PSK-WITH-AES-128-GCM-SHA256
 Tlsv13CipherList=TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384
 TlsEcdhCurve=prime256v1
-TlsAllowSelfSignedCertificates=true
-TlsAllowExpiredCertificates=true
-TlsAcceptNonTrustedCertificates=true
+TlsServerCertificateCa=../../examples/certificates/open-ocpp_ca.crt
+TlsClientCertificate=../../examples/certificates/open-ocpp_charge-point.crt
+TlsClientCertificatePrivateKey=../../examples/certificates/open-ocpp_charge-point.key
+TlsClientCertificatePrivateKeyPassphrase=
+TlsAllowSelfSignedCertificates=false
+TlsAllowExpiredCertificates=false
+TlsAcceptNonTrustedCertificates=false
 TlsSkipServerNameCheck=true
 ChargePointIdentifier=ChargePointTest
 ConnectionTimeout=2000

src/centralsystem/CentralSystem.cpp

@@ -167,8 +167,8 @@ bool CentralSystem::start()
         credentials.server_certificate_private_key            = m_stack_config.tlsServerCertificatePrivateKey();
         credentials.server_certificate_private_key_passphrase = m_stack_config.tlsServerCertificatePrivateKeyPassphrase();
         credentials.server_certificate_ca                     = m_stack_config.tlsServerCertificateCa();
-        credentials.client_certificate_ca                     = m_stack_config.tlsClientCertificateCa();
         credentials.client_certificate_authent                = m_stack_config.tlsClientCertificateAuthent();
+        credentials.encoded_pem_certificates                  = false;
 
         // Start listening
         ret = m_rpc_server->start(m_stack_config.listenUrl(), credentials, m_stack_config.webSocketPingInterval());

src/centralsystem/interface/ICentralSystemConfig.h

@@ -69,8 +69,6 @@ class ICentralSystemConfig
     virtual std::string tlsServerCertificatePrivateKeyPassphrase() const = 0;
     /** @brief Certification Authority signing chain for the server certificate */
     virtual std::string tlsServerCertificateCa() const = 0;
-    /** @brief Certification Authority signing chain for the clients certificates */
-    virtual std::string tlsClientCertificateCa() const = 0;
     /** @brief Enable client authentication using certificate */
     virtual bool tlsClientCertificateAuthent() const = 0;