Added a global error handler for CryptographyException errors.Added a dependency ony pytest-mock library in order to be able to mock method calls in tests.Covered the added global CryptographyException error handler in a test.
Added logging of OperationalError errors
Merge remote-tracking branch 'origin/8696_Improve_database_init'
Update swagger.yaml
Re #8696 - Added TODO to SQL query constant
Re #8696 - Improved DB creation- secured start application without lost data
Re #8706 - Fixed a bug where certificates without usages would not be returned when the usage filter was unspecified. Added a related integration test.
Re #8706 - Extensions specification improvement
Merge branch 'resolve_conflicts_master'
Merge branch 'resolve_conflicts' into resolve_conflicts_master
Re #8705 - Fixed a merge conflict.
[Merge conflict] - reverted controller version from #8702
[Merge conflict] - reverted controller version from #8705
Merge branch 'master' into '8705_rapi_private_key'
Re #8705 - `verify_key` bugfix - added check whether the passed PEM is an actual key
Re #8705 - Review updates.
Re #8702 - Updated Certificate constructors in compliance with the recent database updates.
Merge branch '8702_augmented_filtering' into 'master'
8702 Augmented filtering of certificates
See merge request aswi/aswi-2021/aswi2021jmsd!25
Merge branch '8704_create_cert_extensions' into 'master'
8704 Let certificate extensions be specified via REST API
See merge request aswi/aswi-2021/aswi2021jmsd!24
Re #8704 - Minor fix (return code 500 -> 400)
Merge branch '8708_PKCS_Identity' into 'master'
8708 pkcs identity
See merge request aswi/aswi-2021/aswi2021jmsd!22
Re #8708 - Changed the generate_pkcs_identity method of the CertificateService in such way that the Certificate class instance is now passed instead of a certificate ID resulting in a decrease of SQL queries.
Re #8708 - Added a unit test covering a scenario in which an empty identity password is passed to the generate_pkcs_identity method of the CryptographyService
Improved the generate_pkcs_identity method in such way that when None is passed as the identity password then an empty string literal ("") is used instead.
Re #8704 - Minor fix (extensions default None -> "")
Re #8704 - Added the `extension` parameter to the create endpoint.
Re #8702 - Minor bug and flow fixes.
Re #8702 - Finished implementing filtering methods in the CertService.
Re #8702 - Added filtering methods to CertRepository.
Re #8708 - Changed /api/certificates/{id}/identity endpoint method back to POST (facepalm)
Changed REST API tests accordingly.
Merge branch '8590_Implement_subject_fields'
Re #8702 - Started implementing required CertService updates.
Re #8702 - Reformed CertController's `get_list_of_certs` method, improved filtering logic.
Re #8708 - Changed the swagger.yaml accordingly to the previous REST API endpoint changes (/api/certificate/{id}/identity endpoint)
Changed method from POST to GET.Changed 201 status code to 200.Improved status code descriptions.Improved ID parameter description....
Re #8708 - Changed the behaviour of the generate_pkcs_identity method in the CryptographyService that now does not use the -CAfile argument when the passed chain of trust is empty
Added a unit test verifying that the changed method works as expected when empty chain of trust is passed
Re #8708 - Added a new REST API endpoint used for generating a PKCS12 identities of certificates
Re #8708 - Implemented a new method in the CertificateService that does generate a PKCS12 identity by using the CryptographyService
Covered the new method with few integration testsFixed minor typos in the CertificateService
Re #8705 - Added the `find_pk` method to PKRepo.
Re #8705 - Added the `verify_key` method to CryptoService.
Re #8705 - Added wrapping methods and the `verify_key` method to KeyService.
Re #8705 - Adjusted CertController to handle all combinations of PEM/pass supply. Added calls to a not-yet-existing `verify_key(...)` method of PK service.
Re #8700 - Review merge.
Re #8708 - Implemented a new method in the CryptographyService that allows the caller to create a PKCS12 identity of a certificate and it's chain of trust
Covered the new method with unit tests.
Re #8590 - Modified IF statement- revocation data can be None
Re #8590 - Modified methods due to fields of subject implemented
Re #8590 - Implemented all fields of subject into DB
Hotfix - logpath definition
Merge branch 'master' into '8670_Enhance_revocation_logic'
Re #8707 - Logging of used config file improved
Re #8707 - Log level mapping via dictionary, minor adjustments during review
Re #8670 - Covered certificate_repository by the CRUD tests
Re #8707 - Added logging for the new functionality
Re #8707 - Enhanced logging to set log level based on config file
Re #8707 - Implemented get_certificate_state() in CertificateRepository
Re #8707 - Implemented status in the controller, prepared method in CertificateService
Re #8707 - Added necessary state constants
Merge branch '8570_Implement_logging'
Re #8670 - Modified deletion for historical storage of certificates
Re #8570 - Rotating file settings
Merge branch '8709_include_root_in_chain' into 'master'
Re #8709 - included root certificate into the trust chain
See merge request aswi/aswi-2021/aswi2021jmsd!17
Updated swagger.yaml
Re #8700 - Implemented certificate revalidation check and fixed affected tests
Re #8570 - Added logs
Re #8570 - Messages logging
Certificate usage hotfix before DEMO #4 - digital signature does not specify timestamping
Re #8570 - Logger configuration- implemented dictionary to string in utils- implemented log functions with parameter message only (name of file, name of class and name of functionare getting automaticaly)
Merge branch 'master' into 8570_Implement_logging
Re #8570 - Logged configuration
Re #8585 - Improved a code comment in usages_to_extensions.py
Re #8585 - Fixed an issue where required extensions based on cert. usages were not present in the generated certificate
Created an utility that converts usages to extension configuration linesDefined which extension field flags are required for certain usages
Re #8576 crl endpointMerge branch '8576_crl_endpoint' into 'master'See merge request aswi/aswi-2021/aswi2021jmsd!15
Re #8577 - Minor refactoring (crl -> crl_ocsp).
Merge remote-tracking branch 'origin/8576_crl_endpoint' into 8576_crl_endpoint
Re #8576 - openssl config template update, comment added
Re #8577 - Minor adjustment to accept binary contents.
Re #8577 - Added a `generate_ocsp` method to the CryptoService - calls OpenSSL to generate the response.
Re #8577 - Added a `create_index` method (= index including valid certificates) to the CRL Service.
Re #8577 - Added handle methods for OCSP to the CrlOcspController.
Re #8576 - Fix of specifying CRL and OCSP endpoint
Re #8576 - Added crl endpoint integration tests, fix of serial number
Re #8570 - Setted configuration of logging
Re #8576 - Fixed generating index file for generating empty CRL
Re #8576 - implemented CRL endpoint
Re #8576 - moved return codes to separate file
Merge branch '8583_interactive_details_page' into 'master'
8583 - Interactive details page
See merge request aswi/aswi-2021/aswi2021jmsd!14
Re #8576 - calling CryptographyService from CrlService, passphrase support
Re #8576 - cryptography.py implemented generate_crl()
Re #8576 - CrlService implemented generate_crl_response(), prepared method generate_crl in CryptographyService
Re #8576 - moved CertificateNotFoundException to separate file
Re #8575 - Serial number item in the index file is now always uppercase
Re #8575 - Fixed an issue where when creating an index file the valid_to field was passed instead of the revocation_date field
Re #8575 - Fixed an issue where serial number was not passed when creating certificatesRemoved a TODO that has already been fixed
Re #8570 - Implemented logger- implemented static functions (debug, info, warning, error, critical) (sorted by level)- used configuration for setting logging library
Re #8575 - Implemented CrlService that allows the caller to generate a CA database index of revoked certificates
Added an integration test verifying its validity.Renamed NOT_BEFORE_AFTER_DATE_FORMAT constant to VALID_FROM_TO_DATE_FORMAT in certificate_service.py....
Re #8575 - Added a file that defines methods used for generating CA index file lines
Added unit tests verifying the validity of added methods
Re #8575 - Added unit tests verifying that serial number is set when creating a self signed certificate