aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2021-07-01Merge "[OOM-CERT-SERVICE] Add handling cmp response when PBM value is missing."Bogumil Zebek2-20/+106
2021-07-01[OOM-CERT-SERVICE] Add logic for KUR/CR detectionRemigiusz Janeczek23-135/+1246
Issue-ID: OOM-2753 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I571ad3914a870dde83929cb6121c2c63a5df3ae4
2021-06-30[OOM-CERT-SERVICE] Modify EJBCA configurationJoanna Jeremicz3-2/+13
- Do not create default ManagementCA with generated UID - Create ManagementCA with hardcoded UID to allow performing KUR Issue-ID: OOM-2753 Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com> Change-Id: Ief51c27200300118ffa0206ba2657504ce4bc69c
2021-06-30[OOM-CERT-SERVICE] Add handling cmp response when PBM value is missing.Tomasz Wrobel2-22/+106
Issue-ID: OOM-2753 Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com> Change-Id: I38de28c994b5c83f936b3b5ea47d024a96f4733e
2021-06-30[OOM-CERT-SERVICE] Add curl requests to MakefileRemigiusz Janeczek5-0/+144
Increase max header size (default was too low for update requests) Issue-ID: OOM-2753 Change-Id: I3614d8d34ed18ae52cec8fb4f9349e170c2ac3af Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
2021-06-30[OOM-CERT-SERVICE] Add Certificate Update Admin rolePiotr Marcinkiewicz1-0/+7
Add Certificate Update Admin role in order to allow performing KUR/CR in EJBCA. Issue-ID: OOM-2753 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: Ib07a694c6a88d5ad58059cd331d2eddbcaf8a97b
2021-06-29Merge "[OOM-CERT-SERVICE] Add update endpoint"Bogumil Zebek4-7/+195
2021-06-29[OOM-CERT-SERVICE] Add update endpointPiotr Marcinkiewicz4-7/+195
- Add endpoint with old cert and old PK parameters for KUR/CR requests Issue-ID: OOM-2753 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I094ce1a39a11bbb94f94e0b13ca7ff71eb99dd30
2021-06-28[OOM-CERT-SERVICE] Implement signature PKIMessage protectionPiotr Marcinkiewicz11-90/+611
- Add signature protection - Refactor password-based protection code - Add JUnit tests Issue-ID: OOM-2753 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I398568a35e52a816c32646c8915db5c287ede401
2021-06-18Merge "Fix sonar issues"Pawel Baniewski14-69/+59
2021-06-18Merge "[OOM-CERT-SERVICE] Deprecate certServiceClient - update docs"Pawel Baniewski15-436/+249
2021-06-15Merge "[OOM-CERT-SERVICE] Fix cmpv2 issuer error when CRD is removed"Pawel Baniewski1-3/+4
2021-06-15[OOM-CERT-SERVICE] Fix cmpv2 issuer error when CRD is removedTomasz Wrobel1-3/+4
Issue-ID: OOM-2771 Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com> Change-Id: I28f7a0d7fb3e7f6227b0a4ac64ca45c274956b8e
2021-06-10[OOM-CERT-SERVICE] Deprecate certServiceClient - update docsPiotr Marcinkiewicz15-436/+249
- Remove certServiceClient description from docs - Move descrption of CMPv2 provider to "How to use functionality" - Update description of getting certs for CertService in OOM - Update certService version to 2.4.0 Issue-ID: OOM-2744 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I283755b8fbd579646f979c88ea3022266855c4dc
2021-06-10Fix sonar issuesRemigiusz Janeczek14-69/+59
Issue-ID: OOM-2764 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: Iab71cbcac1982207e6f29b4b046280ad27143e03
2021-06-02Merge "[OOM-CERT-SERVICE] Configure EJBCA to handle Key Update Request"Bogumil Zebek1-1/+5
2021-06-01Deprecate certServiceClientRemigiusz Janeczek4-6/+9
- disable certServiceClient submodule - set fixed version for certServiceClient image usage Issue-ID: OOM-2744 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: Ibfca21ffe4310e7a5d124853c4b33c1c481f10a8
2021-06-01[OOM-CERT-SERVICE] Configure EJBCA to handle Key Update RequestPiotr Marcinkiewicz1-1/+5
Change RA response protection from pbe to signature, set HMAC and End entity certificate authentication in order to enable Key Update Request in EJBCA. Set default CA, which will sign Confirmation Response message. Issue-ID: OOM-2753 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I1ab13b0a55711291a8c2a1448ae3497747348d67
2021-05-11[OOM-CERT-SERVICE] Update EJBCA image tag to 7.4.3.2Tomasz Wrobel1-1/+1
Issue-ID: OOM-2649 Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com> Change-Id: I1c1d650b5bb85aa5a235f1e9476475e30a90987c
2021-02-24Create Honolulu release noteshonoluluPiotr Marcinkiewicz1-21/+28
Issue-ID: REQ-601 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I4bbce41cb8e9dde9f90ad8eb8e3f1a85d0ea94fa
2021-01-27Release 2.3.3Joanna Jeremicz2-1/+18
Issue-ID: OOM-2658 Signed-off-by: Joanna Jeremicz <joanna.jeremicz@nokia.com> Change-Id: I360bed0c0cd01da65d46d02abf73bddb9710329d
2021-01-27[OOM-CERT-SERVICE] Fix KeyUsage extention sent to CMPv2 server2.3.3Piotr Marcinkiewicz2-6/+87
- fix setting key usage to digitalSignature & keyEncipherment & nonRepudiation - set extended key usage to clientAuth & serverAuth Issue-ID: OOM-2658 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I5c00f622c3d117a63e4f48a3d2a90fd48cce3d0e
2021-01-19[CMPV2] Fix NPE & enhance error messagesJan Malkiewicz14-103/+254
Fix NPE. Include error messages returned by CMP server in API response. Issue-ID: OOM-2657 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: I6ec46b14ba04b5be10de5994236efd8fc14c5d2e
2020-12-28Release CertService 2.3.2Remigiusz Janeczek2-0/+59
Issue-ID: OOM-2656 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I232c132b8dbcc657dce8de0d5bcc5e6af64a4491
2020-12-22Merge "[OOM-CERT-SERVICE] Align implementation with RFC4210"2.3.2Pawel Baniewski13-24/+32
2020-12-21[CMPV2] Add description of the flag CMPv2CertManagerIntegrationJan Malkiewicz1-0/+3
Issue-ID: OOM-2560 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: Ifb5f045d54ea5d2e1673bebf1af1e3113b71375c
2020-12-18[OOM-CERT-SERVICE] Align implementation with RFC4210Piotr Marcinkiewicz13-24/+32
- change MAC algorithm - limit iterations to random value from 1000-2000 range - correct caName validation to allow URL safe characters Issue-ID: OOM-2656 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I2c320607e7a02996cd249f45ac224e3f3a8aa3c9
2020-12-18[CMPV2] Enhance documentation for CMPv2 cert providerJan Malkiewicz2-12/+14
Issue-ID: OOM-2560 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: I0a8a1979ca815a76b2e3318cc357da848fe52a9e
2020-12-15[OOM-K8S-CERT-EXTERNAL-PROVIDER] Add information about SANs to external providerPiotr Marcinkiewicz1-1/+9
Issue-ID: OOM-2559 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: Ib4cb6d07db38aff7cfe1bdb1710d3c2c193cfcdf
2020-12-09[OOM-CERT-SERVICE] Correct SANs documentation and loggingPiotr Marcinkiewicz2-6/+4
- correct properties logging format in external provider - correct SANs documentation Issue-ID: OOM-2559 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: If58e6ca53849e6d091bba652b1cc091f37d8eeeb
2020-12-02[OOM CERT-SERVICE] Release CertService 2.3.1Remigiusz Janeczek2-1/+59
Issue-ID: OOM-2559 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I44c2a5bd559ca89501e952f088e425dd1068fc6b
2020-12-02[OOM CERT-SERVICE-CLIENT] Fix null pointer when sans empty2.3.1Remigiusz Janeczek10-22/+53
Issue-ID: OOM-2632 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I5e05eb2923b96313cb1d37eb844862289d6acae1
2020-12-01[OOM CERT-SERVICE] Release CertService 2.3.0Piotr Marcinkiewicz2-0/+57
Issue-ID: OOM-2559 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I19fdf5c00656e4a309da3ad3b696e38a3cfe1cf3
2020-11-26[OOM CERT-SERVICE DOCS] Add Honolulu in change-log2.3.0Tomasz Wrobel1-0/+66
Issue-ID: OOM-2633 Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com> Change-Id: Ic2fecf421d8280e02195ebda2b0dc735d7274c81
2020-11-26Merge "[OOM-K8S-CERT-EXTERNAL-PROVIDER] Add documentation for k8s external ↵Bogumil Zebek2-0/+139
provider"
2020-11-26Merge "[OOM-CERT-SERVICE] Update documentation with new Sans types"Bogumil Zebek3-22/+24
2020-11-25[OOM-K8S-CERT-EXTERNAL-PROVIDER] Add documentation for k8s external providerJan Malkiewicz2-0/+139
Issue-ID: OOM-2560 Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com> Change-Id: I76659e1369c2a6ec43f9d31326ff0c43d6a1ccdc
2020-11-25Merge "[OOM CERT-SERVICE DOCS] Align release notes to template"Pawel Baniewski3-258/+334
2020-11-25[OOM CERT-SERVICE DOCS] Align release notes to templateTomasz Wrobel3-258/+334
Issue-ID: OOM-2633 Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com> Change-Id: I891a0817f5e2b08e7420c3f007e85d096d3e3a96
2020-11-25Merge "[OOM cert-service-client] Add validation of email, ip and domain name"Bogumil Zebek25-169/+638
2020-11-25[OOM cert-service-client] Add validation of email, ip and domain namekjaniak25-169/+638
Added SanMapper to distinguish types of SANS. ExitableException changed to RuntimeException. Introcudced intermediate object San. Issue-ID: OOM-2559 Signed-off-by: kjaniak <kornel.janiak@nokia.com> Change-Id: I060de9869ab9fd737a474f683a251abd8431d224
2020-11-25[OOM-CERT-SERVICE] Update documentation with new Sans typesPiotr Marcinkiewicz3-22/+24
- Update documentation - Update "How to run" CertService client Issue-ID: OOM-2559 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I0ae26661bd695accb884ba9e56946197052bc535
2020-11-24[OOM-CertService] Missing release_notes: tag in rst docs:deen19851-2/+4
docs/release-notes.rst updated to include ".. _release_notes:" after the license. Now if can be referred properly in ONAP docs "project release notes" Change-Id: Ie84243fbf67be5e70a6e1a02176a3991b63f70f5 Signed-off-by: Damian Nowak <damian.nowak@nokia.com> Issue-ID: OOM-2637
2020-11-23Merge "[OOM CERT-SERVICE-API] Add support for URI, IP, E-mail in SANs"Pawel Baniewski8-150/+145
2020-11-20[OOM CERT-SERVICE-CLIENT] Improve readability of URI regexTomasz Wrobel2-17/+36
Issue-ID: OOM-2632 Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com> Change-Id: Ic016c788d4dfde95ecd5eca955508385cd144bb4
2020-11-20[OOM CERT-SERVICE-API] Add support for URI, IP, E-mail in SANsTomasz Wrobel8-150/+145
Issue-ID: OOM-2632 Change-Id: I903c31ebe05521e281753cb847001ba99275f758 Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com>
2020-11-19Merge "[OOM CERT-SERVICE-CLIENT] Add URI validator (RFC 3986)"Bogumil Zebek3-0/+215
2020-11-19[OOM CERT-SERVICE-CLIENT] Add URI validator (RFC 3986)Tomasz Wrobel3-0/+215
Issue-ID: OOM-2632 Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com> Change-Id: Ia71d413a56f65b0a51ff5c2e7522035f41e06faf
2020-11-19Merge "Update ejbca config to allow emails, uris and ip addresses"Bogumil Zebek1-4/+175
2020-11-18Update ejbca config to allow emails, uris and ip addressesRemigiusz Janeczek1-4/+175
Issue-ID: OOM-2632 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: Iba089c85afb8b6cbb37c9257e9d57916970855b6