ghost
commented
3 years ago Was able to extract a signed XML payload using the methods added to the readme:
{
"ns7:V2G_Message": {
"@xmlns:ns7": "urn:iso:15118:2:2013:MsgDef",
"@xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance",
"@xmlns:ns3": "http://www.w3.org/2001/XMLSchema",
"@xmlns:ns4": "http://www.w3.org/2000/09/xmldsig#",
"@xmlns:ns5": "urn:iso:15118:2:2013:MsgBody",
"@xmlns:ns6": "urn:iso:15118:2:2013:MsgDataTypes",
"@xmlns:ns8": "urn:iso:15118:2:2013:MsgHeader",
"ns7:Header": {
"ns8:SessionID": "81E9D40000000000",
"ns4:Signature": {
"ns4:SignedInfo": {
"ns4:CanonicalizationMethod": {
"@Algorithm": "http://www.w3.org/TR/canonical-exi/"
},
"ns4:SignatureMethod": {
"@Algorithm": "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"
},
"ns4:Reference": {
"@URI": "#ID001",
"ns4:Transforms": {
"ns4:Transform": {
"@Algorithm": "http://www.w3.org/TR/canonical-exi/"
}
},
"ns4:DigestMethod": {
"@Algorithm": "http://www.w3.org/2001/04/xmlenc#sha256"
},
"ns4:DigestValue": "Yf+2hj2l5lI/MOzqhm76FaJeLtgsydIdY/c1lTKNJ8U="
}
},
"ns4:SignatureValue": "HBC9jqiJ9vMm6CmJ62oBZU0wIjAoE7/4SKKzp+toxGhcvGeOZdnVgJQUG4/qQvor66h87FPot03QV/yrJJ0Fxg=="
}
},
"ns7:Body": {
"ns5:AuthorizationReq": {
"@ns5:Id": "ID001",
"ns5:GenChallenge": "KwjKU9ogG9sN+Mk4yuNp/w=="
}
}
}
}Directly before this packet was one that appears to contain some unknown data which I'm guessing is related to validation of the xmldsig:
<?xml version="1.0" encoding="utf-8"?>
<ns7:V2G_Message xmlns:ns7="urn:iso:15118:2:2013:MsgDef"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:ns3="http://www.w3.org/2001/XMLSchema"
xmlns:ns4="http://www.w3.org/2000/09/xmldsig#"
xmlns:ns5="urn:iso:15118:2:2013:MsgBody"
xmlns:ns6="urn:iso:15118:2:2013:MsgDataTypes"
xmlns:ns8="urn:iso:15118:2:2013:MsgHeader">
<ns7:Header>
<ns8:SessionID>81E9D400</ns8:SessionID>
</ns7:Header>
<ns7:Body>
<ns5:PaymentServiceSelectionRes>
<ns5:ResponseCode>OK</ns5:ResponseCode>
</ns5:PaymentServiceSelectionRes>
</ns7:Body>
</ns7:V2G_Message>
line 1 column 206 - Warning: replacing invalid character code 145
line 1 column 207 - Warning: replacing invalid character code 147
<?xml version="1.0" encoding="utf-8"?>
<xsi:nil xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:ns3="http://www.w3.org/2001/XMLSchema"
xmlns:ns4="urn:iso:15118:2:2010:AppProtocol">
<á‘“/></xsi:nil>
<?xml version="1.0" encoding="utf-8"?>
<ns7:V2G_Message xmlns:ns7="urn:iso:15118:2:2013:MsgDef"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:ns3="http://www.w3.org/2001/XMLSchema"
xmlns:ns4="http://www.w3.org/2000/09/xmldsig#"
xmlns:ns5="urn:iso:15118:2:2013:MsgBody"
xmlns:ns6="urn:iso:15118:2:2013:MsgDataTypes"
xmlns:ns8="urn:iso:15118:2:2013:MsgHeader">
<ns7:Header>
<ns8:SessionID>81E9D400</ns8:SessionID>
</ns7:Header>
<ns7:Body>
<ns5:PaymentDetailsRes>
<ns5:ResponseCode>OK</ns5:ResponseCode>
<ns5:GenChallenge>KwjKU9ogG9sN+Mk4yuNp/w==</ns5:GenChallenge>
<ns5:EVSETimeStamp>0</ns5:EVSETimeStamp>
</ns5:PaymentDetailsRes>
</ns7:Body>
</ns7:V2G_Message>
Add more TLS key extraction code to Python decryptor
Adds example tshark command and docker setup to auto-decode an entire stream from pcap