SwitchEV / RISE-V2G

The only fully-featured reference implementation of the Vehicle-2-Grid communication interface ISO 15118
MIT License

saveContractCertificateChain - Path to keystore #55

Closed PySchilling closed 4 years ago

PySchilling commented 4 years ago

Dear Marc,

I came to one place in the code where the intention is not clear to me: where to store the keystore after updating or installing certificates.

```java
public static boolean saveContractCertificateChain(
        String keyStorePassword,
        CertificateChainType contractCertChain,
        ECPrivateKey contractCertPrivateKey) {

    KeyStore keyStore = getKeyStore(GlobalValues.EVCC_KEYSTORE_FILEPATH.toString(), keyStorePassword);

    try {
        if (isPrivateKeyValid(contractCertPrivateKey, contractCertChain)) {
            keyStore.setKeyEntry(
                    GlobalValues.ALIAS_CONTRACT_CERTIFICATE.toString(),
                    contractCertPrivateKey,
                    keyStorePassword.toCharArray(),
                    getCertificateChain(contractCertChain));

            // Save the keystore persistently
            try (FileOutputStream fos = new FileOutputStream("evccKeystore.jks")) {
                keyStore.store(fos,
                        GlobalValues.PASSPHRASE_FOR_CERTIFICATES_AND_KEYS.toString().toCharArray());
            }
```

Should the saved keystore be a different one, or should it update the existing one?

```java
// Save the keystore persistently
try (FileOutputStream fos = new FileOutputStream(GlobalValues.EVCC_KEYSTORE_FILEPATH.toString())) {
    keyStore.store(fos,
            GlobalValues.PASSPHRASE_FOR_CERTIFICATES_AND_KEYS.toString().toCharArray());
}
```

Best regards, Volker

MarcMueltin commented 4 years ago

Hi Volker, you're right, good point. You should use the value stated in GlobalValues.EVCC_KEYSTORE_FILEPATH. The "evccKeystore.jks" is a hard-coded value that shouldn't be there. I took care of it with commit ce7c41d.
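The load-and-store round trip discussed in this thread, as an added example that is not RISE-V2G code: one `Path` is passed to both the load and the store step, and the store writes a temp file that is then moved over the target, so an interrupted write cannot leave a truncated keystore. The class name, alias, password and demo path are constructed for illustration, and a PKCS12 store with an AES key stands in for the JKS file and the contract certificate chain.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.security.KeyStore;
import javax.crypto.KeyGenerator;

public class KeystoreRoundTrip {
    // Load the keystore at `path`, or create an empty one if the file does not exist yet.
    static KeyStore load(Path path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        if (Files.exists(path)) {
            try (InputStream in = Files.newInputStream(path)) {
                ks.load(in, password);
            }
        } else {
            ks.load(null, password);
        }
        return ks;
    }

    // Write to a temp file next to the target, then move it over the target.
    // The caller passes the same `path` it loaded from, so the update cannot end up in a second file.
    static void store(KeyStore ks, Path path, char[] password) throws Exception {
        Path dir = path.toAbsolutePath().getParent();
        Path tmp = Files.createTempFile(dir, "keystore", ".tmp");
        try (OutputStream out = Files.newOutputStream(tmp)) {
            ks.store(out, password);
        }
        Files.move(tmp, path, StandardCopyOption.REPLACE_EXISTING, StandardCopyOption.ATOMIC_MOVE);
    }

    public static void main(String[] args) throws Exception {
        Path path = Files.createTempDirectory("ks-demo").resolve("demo.p12"); // constructed path
        char[] password = "changeit".toCharArray();                           // constructed password
        KeyStore ks = load(path, password);
        // Stand-in for the contract key entry (assumption): an AES key, so no certificate is needed.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        ks.setEntry("demo_alias", new KeyStore.SecretKeyEntry(kg.generateKey()),
                new KeyStore.PasswordProtection(password));
        store(ks, path, password);
        // Re-open from the same path and check that the new entry was persisted there.
        System.out.println(load(path, password).containsAlias("demo_alias"));
    }
}
```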