From 6f95532eadcfd6c3a154b4e22dbc085e81cda6e6 Mon Sep 17 00:00:00 2001 From: Piotr Marcinkiewicz Date: Thu, 15 Jul 2021 09:35:21 +0200 Subject: [PATCH] [OOM-CERT-SERVICE] Update OpenAPI - Update OpenAPI after introduction certificate update endpoint Issue-ID: OOM-2753 Signed-off-by: Piotr Marcinkiewicz Change-Id: I16117a9dc9f854ba04b39ca1133c19d052e8f7db --- certService/README.md | 4 +- .../certservice/api/CertificationController.java | 24 +++++- docs/sections/resources/OpenAPI.yaml | 95 +++++++++++++++++++--- 3 files changed, 107 insertions(+), 16 deletions(-) diff --git a/certService/README.md b/certService/README.md index b7d4fdd6..76bfba23 100644 --- a/certService/README.md +++ b/certService/README.md @@ -95,9 +95,9 @@ audit.log error.log debug.log API is described by Swagger ( OpenAPI 3.0 ) on endpoint /docs ( endpoint is defined in properties as springdoc.swagger-ui.path ) ``` -http://localchost:8080/docs +http://localhost:8080/docs ``` ### OpenAPI during project building yaml file with openAPI 3.0 documentation is generated in target directory with name api-docs.yaml -file OpenAPI.yaml located in certService directory must be update be hand if needed +file OpenAPI.yaml located in ./docs/sections/resources directory must be updated be hand if needed diff --git a/certService/src/main/java/org/onap/oom/certservice/api/CertificationController.java b/certService/src/main/java/org/onap/oom/certservice/api/CertificationController.java index 987d56ea..931ad8c6 100644 --- a/certService/src/main/java/org/onap/oom/certservice/api/CertificationController.java +++ b/certService/src/main/java/org/onap/oom/certservice/api/CertificationController.java @@ -28,6 +28,7 @@ import io.swagger.v3.oas.annotations.responses.ApiResponse; import io.swagger.v3.oas.annotations.responses.ApiResponses; import io.swagger.v3.oas.annotations.tags.Tag; import org.onap.oom.certservice.certification.CertificationResponseModelFactory; +import org.onap.oom.certservice.certification.exception.CertificateDecryptionException; import org.onap.oom.certservice.certification.exception.DecryptionException; import org.onap.oom.certservice.certification.exception.ErrorResponseModel; import org.onap.oom.certservice.certification.model.CertificateUpdateModel; @@ -72,11 +73,11 @@ public class CertificationController { content = @Content(schema = @Schema(implementation = ErrorResponseModel.class))), @ApiResponse(responseCode = "404", description = "CA not found for given name", content = @Content(schema = @Schema(implementation = ErrorResponseModel.class))), - @ApiResponse(responseCode = "500", description = "Something went wrong during connectiion to CMPv2 server", + @ApiResponse(responseCode = "500", description = "Something went wrong during connection to CMPv2 server", content = @Content(schema = @Schema(implementation = ErrorResponseModel.class))) }) @Operation( - summary = "initialize certificate", + summary = "Initialize certificate", description = "Web endpoint for requesting certificate initialization. Used by system components to gain certificate signed by CA.", tags = {"CertificationService"}) public ResponseEntity signCertificate( @@ -105,11 +106,30 @@ public class CertificationController { * @return JSON containing trusted certificates and certificate chain */ @GetMapping(value = "v1/certificate-update/{caName}", produces = "application/json") + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Certificate successfully updated"), + @ApiResponse(responseCode = "400", description = "Given CSR, PK, old certificate or/and old PK is incorrect", + content = @Content(schema = @Schema(implementation = ErrorResponseModel.class))), + @ApiResponse(responseCode = "404", description = "CA not found for given name", + content = @Content(schema = @Schema(implementation = ErrorResponseModel.class))), + @ApiResponse(responseCode = "500", description = "Something went wrong during connection to CMPv2 server", + content = @Content(schema = @Schema(implementation = ErrorResponseModel.class))) + }) + @Operation( + summary = "Update certificate", + description = "Web endpoint for updating certificate. Used by system components to update certificate signed by CA.", + tags = {"CertificationService"}) public ResponseEntity updateCertificate( + @Parameter(description = "Name of certification authority that will update certificate.") @PathVariable String caName, + @Parameter(description = "Certificate signing request in form of PEM object encoded in Base64 (with header and footer).") @RequestHeader("CSR") String encodedCsr, + @Parameter(description = "Private key in form of PEM object encoded in Base64 (with header and footer).") @RequestHeader("PK") String encodedPrivateKey, + @Parameter(description = "Old certificate in form of PEM object encoded in Base64 (with header and footer).") @RequestHeader("OLD_CERT") String encodedOldCert, + @Parameter(description = "Old private key (corresponding with old certificate) " + + "in form of PEM object encoded in Base64 (with header and footer).") @RequestHeader("OLD_PK") String encodedOldPrivateKey ) throws DecryptionException, CmpClientException { caName = replaceWhiteSpaceChars(caName); diff --git a/docs/sections/resources/OpenAPI.yaml b/docs/sections/resources/OpenAPI.yaml index d20f833e..1c0c9571 100644 --- a/docs/sections/resources/OpenAPI.yaml +++ b/docs/sections/resources/OpenAPI.yaml @@ -1,7 +1,7 @@ # ============LICENSE_START======================================================= # oom-certservice # ================================================================================ -# Copyright (C) 2020 Nokia. All rights reserved. +# Copyright (C) 2020-2021 Nokia. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,9 +19,9 @@ openapi: 3.0.1 info: title: CertService Documentation description: Certification service API documentation - version: 1.0.0 + version: 1.0.1 servers: - - url: http://localhost:8080 + - url: https://localhost:8443 description: Generated server url tags: - name: Actuator @@ -30,12 +30,83 @@ tags: description: Spring Boot Actuator Web API Documentation url: https://docs.spring.io/spring-boot/docs/current/actuator-api/html/ paths: - /v1/certificate/{caName}: + /v1/certificate-update/{caName}: get: tags: - CertificationService - summary: Sign certificate - description: Web endpoint for requesting certificate signing. Used by system + summary: Update certificate + description: Web endpoint for updating certificate. Used by system + components to update certificate signed by CA. + operationId: updateCertificate + parameters: + - name: caName + in: path + description: Name of certification authority that will update certificate. + required: true + schema: + type: string + example: "RA_TEST" + - name: CSR + in: header + description: Certificate signing request in form of PEM object encoded in Base64 + (with header and footer). + required: true + schema: + type: string + example: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJREZqQ0NBZjRDQVFBd2R6RUxNQWtHQTFVRUJoTUNWVk14RXpBUkJnTlZCQWdNQ2tOaGJHbG1iM0p1YVdFeApGakFVQmdOVkJBY01EVk5oYmkxR2NtRnVZMmx6WTI4eERUQUxCZ05WQkFzTUJFOU9RVkF4R1RBWEJnTlZCQW9NCkVFeHBiblY0TFVadmRXNWtZWFJwYjI0eEVUQVBCZ05WQkFNTUNHOXVZWEF1YjNKbk1JSUJJakFOQmdrcWhraUcKOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXlVbWVvY0o2V09jRHBOR0x2SzRGMURkK3JVTDVBNjlQTVpwSApDSUlQZ2xrakNxcGlLL28yeFJlTTZ5VTlPVkpRcUJJUzRPeUFvWGxlKzJ4OURDanA2U1JpV2RJZEV2NFAzNk1nClRBV3lUdndta1dMYXFodmlwKzZQM0xUOGt0aktDL0JKVXo3dXlOWjAvTEdMWThpbWw1U1hnckQ0WlBvY2VrYzMKMStQZ0NrLzBTZWd6M0JaQkJVOVYwWXFtWFhlZDNkcHY3M1VFTXVESTVIY2NjSlFybkdUSkxDVTlJaWFJa1lQRgozQkhTVWpmbkVrS0hINWVwcTMwVEdyUytscFhxbHJ0cFFEWmIveHZpU3YyRjZWSVhGbURWdkl2RkNPaTZaMVlsClZvenVmNHhQRHQ5cmJxY1RUaGhjeVVqYWdDbnlwTmJzYms5U2QrWXFyNk1JbkZaNUZRSURBUUFCb0Zvd1dBWUoKS29aSWh2Y05BUWtPTVVzd1NUQkhCZ05WSFJFRVFEQStnZzEwWlhOMExtOXVZWEF1YjNKbmdnaHZibUZ3TG05eQpaNGNFZndBQUFZWU9ablJ3T2k4dmRHVnpkQzV2Y21lQkRYUmxjM1JBYjI1aGNDNXZjbWN3RFFZSktvWklodmNOCkFRRUxCUUFEZ2dFQkFJRTU0NFJ0RW5YRE5oQndKWDFGZ0Y4YzN5ck05SHcwNEw4VktNdnRaTlBjQU1SNC9lV0IKYTFDcE5uZVBQZktScWxiakxhOHplTW9iWWxGYlJVbGFvbnkzQXE4TlpiMFMxZ0RUWnFQWUQzRjNkMnhRUGJxOQpPbTR2Ly8zaGRIZlIvdFFCa3NPRkl0QkwvMW9jV004RTZqRm8rdU41ZGlCb3EyMUFvT0NXK1BMYWVnUG9jaGdYClJhZGcxc0JneW1tR3BDV0tNMy9UNnJTZEFvVmFoTzJ6VDd4NGhlRjNEazdsUUN5ZmdySUZDOHd2TmhBWWx1K1IKTmdoTVdNNEcvZzJPMHJvNVYzdWc4LzZ5UnovbDlhWXVJclRDNnVDaGJ3UXJFcEd4ZXR5WEd5bWE1Q2IxcTZyagpNdHNpQ0FneTBkR2dIZ2tOOVJrK3hHRC9BOGhzNURDSmdQUT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUgUkVRVUVTVC0tLS0tCg==" + - name: PK + in: header + description: Private key in form of PEM object encoded in Base64 (with header and footer). + required: true + schema: + type: string + example: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRREpTWjZod25wWTV3T2sKMFl1OHJnWFVOMzZ0UXZrRHIwOHhta2NJZ2crQ1dTTUtxbUlyK2piRkY0enJKVDA1VWxDb0VoTGc3SUNoZVY3NwpiSDBNS09ucEpHSlowaDBTL2cvZm95Qk1CYkpPL0NhUll0cXFHK0tuN28vY3RQeVMyTW9MOEVsVFB1N0kxblQ4CnNZdGp5S2FYbEplQ3NQaGsraHg2UnpmWDQrQUtUL1JKNkRQY0ZrRUZUMVhSaXFaZGQ1M2QybS92ZFFReTRNamsKZHh4d2xDdWNaTWtzSlQwaUpvaVJnOFhjRWRKU04rY1NRb2NmbDZtcmZSTWF0TDZXbGVxV3UybEFObHYvRytKSwovWVhwVWhjV1lOVzhpOFVJNkxwblZpVldqTzUvakU4TzMydHVweE5PR0Z6SlNOcUFLZktrMXV4dVQxSjM1aXF2Cm93aWNWbmtWQWdNQkFBRUNnZ0VCQUxEYnBhejlncUNBZ2x3YjNjcXZvT0dBelNZUk5WaCtmWGZZMVZidGFCRWcKbnNCdFNvclhjNjRpN2lkaDlmUmFsaEhHcDUzSFQ1SVJZVnBLVFdrVXZjbWl0V08wVU9WeUk2SmM0ekRJeEkzUAowVmRtNHpnWi9rR05SQXdwWGM3cytrSVpJMlFvWkloRW5rKzA5QU45dHBweTdkamdBN0E5Ymk0bVN6Tyt2Z2h2Ci9KMnErZlNzTm5hbWE2MGFDMC90QzBEYmlVZ2xFN0taaGVQTjlqaGZCa1pLUW1MUVpUMHJQWE1sU2gvdU41SWUKSGpBYkVQVHJCdGxTZ2pRT2o5ZnJhSk9xRm1tL3hGQ2YvKzRuNU0xeGNpQVBoeUZydDdSU1NuZ2tOcW50VkVXUQpxSytMSWlDSHpLMFpBUWhVMGVSVXZqRjVWK210QjhPaEpNSkxMQkVvS0NFQ2dZRUEvWU05YlB4bVVzS2VCclZiClVtRlg5TXRKWmZwd1lLbkQveVh0MjZWcHM4OEZhbEhsSDd6R3MvQitZYjZXMGgxcnBzUWoreTJtejMvS092eEgKMFA2Um01R0ZJNjhsdXc1UUlHV1FMT2FtaThUZW9yU21vQXp3TkVOL1lpdFY3UURPdVZTQUZiVTJBTkRRMWZaawpFY29HeHdLbC9pOEtWTDF1Z2pseEE1ZWp6dzBDZ1lFQXkwTTBGTTRVendzRHRJbW5hMkRwYmlobGFxQ0dZVWxQCmQ2N2NidDlWejZ6NE1MMm00TlZZOUdhdU9OQUF0R2VVSTlNYnlqNVlmaVJaSXFtc0RjaU16eGtMeDJOTzlUaTEKaHJJZzJxeUNubFhJVWtmQkxxUG94Z3FYeHBpS1hnblYwNU9VWEdHVW5Ya2JNNjZsNlVEMUw0YnVpMzVVRDI3Uwp3ajdCMGdodmtDa0NnWUVBdit3dWdhYm5sRG9RUnNYZnVCTkg4bVJBVWZyeVBzdm5QTytyRGtGQkw4Wkh0RUVCCnREQkhRZ3lNc1ZVSGUxU1luaTBaakZ2NFVGalBjaTV4OUMvMWJoQVIrbnpybEp4MlhzQmxFUWtoQnVscEgwYWkKYXNMQXl1QmF2S2hRS2RnVnFNcm5HUWdTTlRYaEZFcXZZYVJQMHpRWEZNTHFFRk5GS1VOeFlxWFhkclVDZ1lCegpleUR4MlF1MWZicURMZG55aGNMWmxSWFplSTRnWTdoRWRSSkQ0NXNyUEVoZDJNSWc1dFY5TllFeVFlckVsRHgwCkJoSzUycVlJTkxwM21SSnBXbEcxcjdNamV1WjNKOXJxUmZXb2gyNUdhdEkrL1FsaWFEbHRtc01VVDhIOUgzVmUKbVhBbTlFR3RIZ3M0VjdkblNFS0UyQkpiS2xDejIvRGQ3eTNMR0lQWjBRS0JnUUNLRTRMMEhxSkkwV2ZFKzlMYQpONCtjems2dnBoOUdlbHNib1NIM1FBN3V0cDFQdWo0ZU5kZ0tNZUJiczgvQk5JMWFLdFI0c3JFT2VKbkpxSStoCkdRRHc5V1cxSHAyNGlFUXp6QXJLQTNlY2JMYTNwQkhyR3RhMk14VHFBb1NtMWkwU3BybWIvRkNNd0Q1ZDNDV1YKYnp0R29yemhiOVJYdUhnYlZ3OWZZdU1XQlE9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==" + - name: OLD_CERT + in: header + description: Old certificate in form of PEM object encoded in Base64 (with header and footer). + required: true + schema: + type: string + example: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRQ3owYnhqaytOSXNzVzMKTDBUazhZS2Rvd1UxZ0VUWUVoeWQ5d0c1M1E4VkcwOFV6cW9QVml4N0lSSXB1cDdDbG9GelErQmxwUUNoZEp1bQpoVmE1dXRjdFhXYVRId0FjRUxjc0hzdEZiZlFLcnMxempGOE1tdW1XcWo1NXdyOTVBcmJCdm1kOW9QL2hKMkRECkd1OUNmM3VzUTl2Qk1GYjJ4eXRKb2tBY1c0ME50UmgyOEhYaTRLZUFBcTIwQVF0dnVLQzd3L0Uvbkt5bmlPM08Kb3lOcEh5KzlZYW1aSDJCRi9CK0xiM2RibkZPNFVCc3JoSk5tTFhkMFBtTmNhRC9NMjJxMzlHdWRnRGNheHZFZwpTaVFRVURNTG1rb3llQUNkRzNaVnVSSlRNZGZscHI3djlocVJETVcxUlJKMEYzWWdjNmN3b0lodGdraEZHZWFtClQ5RHpaSkJyQWdNQkFBRUNnZ0VCQUpwY3lvN2t6akNESHMweEs4QXBQb29aL29lOTg5dFVPUEsxcnVxaHhLZkcKeUsxQTk2V3d3UUIyRkVSMEtvTTZkaWUvdGVzcnFRM3dyd2xVMzIwUzRsTFVJaERiaE5tUzA5dHhGK2dqQ21MOQpTZXNPTGk0QThkTGZsRUFzR1BoRmh5TnNVeVQ2UjQ0OW9vZjZJRGdDZmVVVVg1cEk1KzV5YlV1SmwrV0FCZWNrCkF4aWo1U21TNlpHUnN3L0FIMnUzYWsyTEw0a3lCbTVZd0E4cE5yR3UyTjM2TGJ0djI2aWlQUXdhSlBEeWlPaE0KcW5nUHBKd2s2MHVRb3IrK0xRdUYvN3B3Qm1XOGo3VmRhM3YwZkR6L3hiTXljVE1BRHA2b1pxcFhWRGs4Q0tSYgpiNndCa0ZxbHpwVDc0cTFyYlhrRUJFUjZaTnV5bHhmeWFoQjBGdXZDdnhFQ2dZRUE3N3BCaVcrUEJOeGg1SlBLCjNnM1JGckErYzR3WG0zU1VOTXRIL1JBenVEM01nRGlaRGZXV3FMQVQySlF6VUUwNm03NUZyNzdHa3MwWXQ3WkMKWmxCdko3a3RVSU9oS0ZxMTJqVjYrbWVJV29ka05hdGd1MmZVUGxlaDVwWGhLV1RUUHRUaTkyYWFKUG5PSWQ3UApDQ21PUjBxV1ZmcUk1LzNpaVhZOXNVRm5mVmtDZ1lFQXdBWjBRdENKcGw1SWw0QjVZWS82VXJpOUdLbXQ1MjNzCmJPNWRLRHg1RHYyU3preGZkeU5YN2FnZXBSZ3VrSGpKZ0x2anNTWnlPeEVwaThiQ3d1bTJ1MngyR0p6ektNQmgKVVdrakdTVE5JVkJKUTBhOCs3NVV3bHBJQXhqMFE1RkVMNXVEUm41NFNHN2NnRlpqRmhBTE1qT09vVUFpbk5QagptSkQ2eDFVQjcyTUNnWUVBeFIvQk9FUVZ0SWVMcjZ1Znk0eE0vSDBjUFdOYkhpZDBueHp4S3pTaGNzVE9YamtzCkVnQjZUR2ZOU2ZCRGFhcTNvTTJLL0FMQndvRUg3RGpnek1ValFlVFJVRDJNeldRWjJUN1V5d2RMWmpXaXYwY1gKR2NNOUVhNTVvT1JwNitIT213SHZTRVNFU0JkcDJ3d2Q3YlpPR20xSXhaWm44V3doVmF0MiswU3UxckVDZ1lBeApNZlliSC80RDUyZkZtSjZBUmppbGRMck5WTHMrN1VTQzY5Wmw5b2cxTlBXbGNKK01rRHQ0b1hlb2FEZVZ2N3d3CkJQTGljYTBXUU9GWjlBUDFsNWEvRVp4MzFjM2VCTnRwMWZ1dDkyV3VRVGxqeVAybHFTOWgwMnRiajhzVWZHVHgKcFcvT1laeERRbE92ZFhKUk5xOEhuM25OQ2ZkVUlsek91MlhrSjMwbGJRS0JnUUROZlV1THB5V1B2cGh0SHhTMwpaek9tbHRwM2pkNHVSQkJ6b25KZWNKSFF5N3lpY3VleFlib0RUTjRmaG5aTExoL0dCT05iOXBXK2ZLTVVkeDIxCjh0anJiZUdHengyOHNBMFBHWTMxZlA0aC9xNmY2QXdCVllUa1pkeHNJTmE4WS9EcUxYNmt5Z0VLSXliMGZLQnIKS09ldUlZYTN2cUdGUndSWXU1NTNsMmtqRHc9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==" + - name: OLD_PK + in: header + description: Old private key (corresponding with old certificate) in form of PEM object + encoded in Base64 (with header and footer). + required: true + schema: + type: string + example: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRQ3owYnhqaytOSXNzVzMKTDBUazhZS2Rvd1UxZ0VUWUVoeWQ5d0c1M1E4VkcwOFV6cW9QVml4N0lSSXB1cDdDbG9GelErQmxwUUNoZEp1bQpoVmE1dXRjdFhXYVRId0FjRUxjc0hzdEZiZlFLcnMxempGOE1tdW1XcWo1NXdyOTVBcmJCdm1kOW9QL2hKMkRECkd1OUNmM3VzUTl2Qk1GYjJ4eXRKb2tBY1c0ME50UmgyOEhYaTRLZUFBcTIwQVF0dnVLQzd3L0Uvbkt5bmlPM08Kb3lOcEh5KzlZYW1aSDJCRi9CK0xiM2RibkZPNFVCc3JoSk5tTFhkMFBtTmNhRC9NMjJxMzlHdWRnRGNheHZFZwpTaVFRVURNTG1rb3llQUNkRzNaVnVSSlRNZGZscHI3djlocVJETVcxUlJKMEYzWWdjNmN3b0lodGdraEZHZWFtClQ5RHpaSkJyQWdNQkFBRUNnZ0VCQUpwY3lvN2t6akNESHMweEs4QXBQb29aL29lOTg5dFVPUEsxcnVxaHhLZkcKeUsxQTk2V3d3UUIyRkVSMEtvTTZkaWUvdGVzcnFRM3dyd2xVMzIwUzRsTFVJaERiaE5tUzA5dHhGK2dqQ21MOQpTZXNPTGk0QThkTGZsRUFzR1BoRmh5TnNVeVQ2UjQ0OW9vZjZJRGdDZmVVVVg1cEk1KzV5YlV1SmwrV0FCZWNrCkF4aWo1U21TNlpHUnN3L0FIMnUzYWsyTEw0a3lCbTVZd0E4cE5yR3UyTjM2TGJ0djI2aWlQUXdhSlBEeWlPaE0KcW5nUHBKd2s2MHVRb3IrK0xRdUYvN3B3Qm1XOGo3VmRhM3YwZkR6L3hiTXljVE1BRHA2b1pxcFhWRGs4Q0tSYgpiNndCa0ZxbHpwVDc0cTFyYlhrRUJFUjZaTnV5bHhmeWFoQjBGdXZDdnhFQ2dZRUE3N3BCaVcrUEJOeGg1SlBLCjNnM1JGckErYzR3WG0zU1VOTXRIL1JBenVEM01nRGlaRGZXV3FMQVQySlF6VUUwNm03NUZyNzdHa3MwWXQ3WkMKWmxCdko3a3RVSU9oS0ZxMTJqVjYrbWVJV29ka05hdGd1MmZVUGxlaDVwWGhLV1RUUHRUaTkyYWFKUG5PSWQ3UApDQ21PUjBxV1ZmcUk1LzNpaVhZOXNVRm5mVmtDZ1lFQXdBWjBRdENKcGw1SWw0QjVZWS82VXJpOUdLbXQ1MjNzCmJPNWRLRHg1RHYyU3preGZkeU5YN2FnZXBSZ3VrSGpKZ0x2anNTWnlPeEVwaThiQ3d1bTJ1MngyR0p6ektNQmgKVVdrakdTVE5JVkJKUTBhOCs3NVV3bHBJQXhqMFE1RkVMNXVEUm41NFNHN2NnRlpqRmhBTE1qT09vVUFpbk5QagptSkQ2eDFVQjcyTUNnWUVBeFIvQk9FUVZ0SWVMcjZ1Znk0eE0vSDBjUFdOYkhpZDBueHp4S3pTaGNzVE9YamtzCkVnQjZUR2ZOU2ZCRGFhcTNvTTJLL0FMQndvRUg3RGpnek1ValFlVFJVRDJNeldRWjJUN1V5d2RMWmpXaXYwY1gKR2NNOUVhNTVvT1JwNitIT213SHZTRVNFU0JkcDJ3d2Q3YlpPR20xSXhaWm44V3doVmF0MiswU3UxckVDZ1lBeApNZlliSC80RDUyZkZtSjZBUmppbGRMck5WTHMrN1VTQzY5Wmw5b2cxTlBXbGNKK01rRHQ0b1hlb2FEZVZ2N3d3CkJQTGljYTBXUU9GWjlBUDFsNWEvRVp4MzFjM2VCTnRwMWZ1dDkyV3VRVGxqeVAybHFTOWgwMnRiajhzVWZHVHgKcFcvT1laeERRbE92ZFhKUk5xOEhuM25OQ2ZkVUlsek91MlhrSjMwbGJRS0JnUUROZlV1THB5V1B2cGh0SHhTMwpaek9tbHRwM2pkNHVSQkJ6b25KZWNKSFF5N3lpY3VleFlib0RUTjRmaG5aTExoL0dCT05iOXBXK2ZLTVVkeDIxCjh0anJiZUdHengyOHNBMFBHWTMxZlA0aC9xNmY2QXdCVllUa1pkeHNJTmE4WS9EcUxYNmt5Z0VLSXliMGZLQnIKS09ldUlZYTN2cUdGUndSWXU1NTNsMmtqRHc9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==" + responses: + "200": + description: Certificate successfully updated + content: + application/json: + schema: + $ref: '#/components/schemas/CertificationResponseModel' + "400": + description: 'Given CSR, PK, old certificate or/and old PK is incorrect' + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponseModel' + "404": + description: CA not found for given name + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponseModel' + "500": + description: Something went wrong during connection to CMPv2 server + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorResponseModel' + '/v1/certificate/{caName}': + get: + tags: + - CertificationService + summary: Initialize certificate + description: Web endpoint for requesting certificate initialization. Used by system components to gain certificate signed by CA. operationId: signCertificate parameters: @@ -48,12 +119,12 @@ paths: example: "RA_TEST" - name: CSR in: header - description: Certificate signing request in form of PEM object encoded in + description: Certificate initialization request in form of PEM object encoded in Base64 (with header and footer). required: true schema: type: string - example: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJREVqQ0NBZm9DQVFBd2daY3hDekFKQmdOVkJBWVRBbFZUTVJNd0VRWURWUVFJREFwRFlXeHBabTl5Ym1saApNUll3RkFZRFZRUUhEQTFUWVc0dFJuSmhibU5wYzJOdk1Sa3dGd1lEVlFRS0RCQk1hVzUxZUMxR2IzVnVaR0YwCmFXOXVNUTB3Q3dZRFZRUUxEQVJQVGtGUU1SRXdEd1lEVlFRRERBaHZibUZ3TG05eVp6RWVNQndHQ1NxR1NJYjMKRFFFSkFSWVBkR1Z6ZEdWeVFHOXVZWEF1YjNKbk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQgpDZ0tDQVFFQXpRekpQTmhrRURhL3JnUmhJUmpLVDF2RC84Wk9scXA3UmRuYTEybXFIU2FqQ0hHeGR0K1JPZk0vCkpINk9NczZNSjlwNXRJVE5VUWVDUEQ5cE44WkpzMCtOaWQvRE1Nb1B3MW94NnZyNFc5Rnh4K3NGN2hnK05nYjEKNGxvZVZob2EwajlKd1hlc2krSThNbFBObGRMRXlGYnZubDgyNzl0Qjg2dmRpR2g3blFjek8rbnY5elBqZllVcQpIaGlRK1ptMEZjbWFxblVJOG54aWJQNmFMMS9uWFQ3aHlwY0VzOCtpenNZVktqdVdwSjhlZHN0T1NBYTlkWXkrCkVhYTFPTlo5RFRDQzArZmM4S0pBNGJjWVE0T2tPYXFmcnhxY0xMOXZJL1BROWZtYThTUXBmcXVTbmQvbjNOazMKK1NoYnVCclorVnNQRWhsWnBJb2lXdS9scjlrdnp3SURBUUFCb0RVd013WUpLb1pJaHZjTkFRa09NU1l3SkRBaQpCZ05WSFJFRUd6QVpnZ2h2Ym1Gd0xtOXlaNElOZEdWemRDNXZibUZ3TG05eVp6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBUUVBV0N2QlJzTmZ5S0F1NWhIWldWUm8xd2VWSVJvbHQyRWdsSUkzbHI4d0ZlN1hobUtZVlhESzJ3aHEKc2hCakNNQUJHNW90MlBXUE8yK1JLSmsveEh2RXRoQzMybityQlhOS2hHUUJMY3dyeFNBbjVUMHFNa0xzTGJiRAphTU1nTnRiYWxmOC9mVmNWWDY1WTVVb052Y2FScEpvVUdYY1ovZ3kvMG5aWnNXbURkejk1Rys2MXFnY0s3RlhOClB1bENxLy9YNUZkK2NkQy9TTnNxaGtqdlgyd3hYMUZRVVYwcFp0akcwenl3b3JwNE9HSkRiUUxtaWFZSlQ2Ym8KNjAyZ21zWFNTQlJzVWFCOEsxeWMzalRkS043QjYxcjhwYW05NlBxQjdXME13MVRJVFAzQnhJTk5kN1hhNlI5VAo5T3BTcDhFcUZ5R043M3NJN0svbDdNZVJvUm1PUUE9PQotLS0tLUVORCBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0K" + example: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJREZqQ0NBZjRDQVFBd2R6RUxNQWtHQTFVRUJoTUNWVk14RXpBUkJnTlZCQWdNQ2tOaGJHbG1iM0p1YVdFeApGakFVQmdOVkJBY01EVk5oYmkxR2NtRnVZMmx6WTI4eERUQUxCZ05WQkFzTUJFOU9RVkF4R1RBWEJnTlZCQW9NCkVFeHBiblY0TFVadmRXNWtZWFJwYjI0eEVUQVBCZ05WQkFNTUNHOXVZWEF1YjNKbk1JSUJJakFOQmdrcWhraUcKOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXM5RzhZNVBqU0xMRnR5OUU1UEdDbmFNRk5ZQkUyQkljbmZjQgp1ZDBQRlJ0UEZNNnFEMVlzZXlFU0ticWV3cGFCYzBQZ1phVUFvWFNicG9WV3ViclhMVjFta3g4QUhCQzNMQjdMClJXMzBDcTdOYzR4ZkRKcnBscW8rZWNLL2VRSzJ3YjVuZmFELzRTZGd3eHJ2UW45N3JFUGJ3VEJXOXNjclNhSkEKSEZ1TkRiVVlkdkIxNHVDbmdBS3R0QUVMYjdpZ3U4UHhQNXlzcDRqdHpxTWphUjh2dldHcG1SOWdSZndmaTI5MwpXNXhUdUZBYks0U1RaaTEzZEQ1alhHZy96TnRxdC9Scm5ZQTNHc2J4SUVva0VGQXpDNXBLTW5nQW5SdDJWYmtTClV6SFg1YWErNy9ZYWtRekZ0VVVTZEJkMklIT25NS0NJYllKSVJSbm1way9RODJTUWF3SURBUUFCb0Zvd1dBWUoKS29aSWh2Y05BUWtPTVVzd1NUQkhCZ05WSFJFRVFEQStnZzEwWlhOMExtOXVZWEF1YjNKbmdnaHZibUZ3TG05eQpaNGNFZndBQUFZWU9ablJ3T2k4dmRHVnpkQzV2Y21lQkRYUmxjM1JBYjI1aGNDNXZjbWN3RFFZSktvWklodmNOCkFRRUxCUUFEZ2dFQkFFb3JtOWJ2NTlVVk5ESHhLSlgzREFIT0w2cXVvVnBrRUNhS0xWaVVwaG9CS0c4MU1CN0kKY0k0S211bm5pbzRIa002LytZQmlpYnJXV1c1WFFFWFpKYTRkMnE1SnlRNFNMaXFnT1o4OWRlRm1iTEdTbGFaSQpwLzFmaTFlRVY0aU5wK1FhKzJBbHhTTEZVWmpFamtCRUNJVWs4ZEJERE5ZUXA2MEduazRLSjJkbDVxYTc1dzNsCkFhT2VlcFgvSHdJK2pRc2FIZHFZUW9aUFhuWXF4V2FaVWtNOG9PSXEzTUxzZDNGcGdzcnlUWXVqZDJxeTlTa2oKZjYyNElhU2tmeXVQZEJwdTZENWw5SjZOUmxtY25iWVJydHFaRGtmZXBYV1NPMHEyLzFBR0VSa0ppdTRYR1lLbwo3b0I0MWFvKzNva1V6RmUyOUlseXVmWUhHU0xmaFRtdkp1TT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUgUkVRVUVTVC0tLS0tCg==" - name: PK in: header description: Private key in form of PEM object encoded in Base64 (with header @@ -61,14 +132,14 @@ paths: required: true schema: type: string - example: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRRE5ETWs4MkdRUU5yK3UKQkdFaEdNcFBXOFAveGs2V3FudEYyZHJYYWFvZEpxTUljYkYyMzVFNTh6OGtmbzR5em93bjJubTBoTTFSQjRJOApQMmszeGttelQ0MkozOE13eWcvRFdqSHErdmhiMFhISDZ3WHVHRDQyQnZYaVdoNVdHaHJTUDBuQmQ2eUw0and5ClU4MlYwc1RJVnUrZVh6YnYyMEh6cTkySWFIdWRCek03NmUvM00rTjloU29lR0pENW1iUVZ5WnFxZFFqeWZHSnMKL3BvdlgrZGRQdUhLbHdTeno2TE94aFVxTzVha254NTJ5MDVJQnIxMWpMNFJwclU0MW4wTk1JTFQ1OXp3b2tEaAp0eGhEZzZRNXFwK3ZHcHdzdjI4ajg5RDErWnJ4SkNsK3E1S2QzK2ZjMlRmNUtGdTRHdG41V3c4U0dWbWtpaUphCjcrV3YyUy9QQWdNQkFBRUNnZ0VBZkN5cUVYYlo0aGZGckpScVhhaXRtN0Z1Mkk0M09YYTBnSENWM3EzV255Q3UKeW9aUGVqV1p0UVpoenEvMVhUOUlFVHAxU2FUQzBiZENYMG5uWmlkbXFuZ2F0c3dUWUpCOVMwaHJ3bW1KemREZwpucmp0Tm1yb0FiL2xWOVpMV01rbVJQeWVwZExiWXpyMlNXUUd0QnlYbnR0RzhSbW9JMGtjZjN3dEJGYUJ4VzFwClFzRUNXUFBpdjNZRDh2SzlSRG9wdmxCMnFZVWxCTm1kQ3AxWEJXMU9OZm5wckUwZFhiYTJxVzB3M3lqU2dJdGYKUWJBSTJZQzJEWlpIK3liRGFMZWVtb0p3dDdPK1F6NWp4SkgwWkFpSnVaNzNpSTVocFBJQlhLamRkU1p1bjRpRwpEOFZaaCtYWE9yQWJxVURXdlN4UW9kdFhYeGNSSS9aWUx5WWR1OHdhd1FLQmdRRHA3UEhwdWFDSk50MlBLV3d6Cll4SDhIYlB1L0pTS2R3UytZek5SNzJaYlUwSmQxWTdPc1JCR1Bvd24zOW55WDlJYzJINXBLc2VJYnpsK1lJS1MKQW9BKy9nbFZZUGpIZ2RmVHF6R01QMm5meVh0dVpFQzdicVBLSVlzL0Qwb0pGQzFkUThwUjFxcXp6NjJEMEUvawpSS1MrVFhpSlkvMlJiQVhDckFDVnNwVmQzUUtCZ1FEZ1prZE45SkhIMjYyRWdLQ3p1Q0NHMXlYa3IrcWVHZ3ozCldWbUtMaGVveitHVXlvVDVuaGlvUTJxNlllYTJ1ODlVYUdGZFk4Y0hIQVdhUy9UdU9FYzdBRHV4eTZsVWpKWkQKU3V0YU80cWk3eXh6UGxNN2w5alVpejV5MldZZGRnWEhLOG82M0pOSHdwd0FYaDgycytTbm9STUZSd1JOTGsyWQp4WmxxRm55WG13S0JnUUNkdEkrWEtmMHY1SnhVUXZIZVp3RWQvb3hySnoraFpnSDl0UFZKWE9PZDJERGEvL25xCklQYysxRFk3UDdBNHRoNzZNWDV2dWxhUkJhTTJMeXgzOFZXeW9pTjZ1d2lkd0V6WU9BY01iVWdjaGtJL3R6am8KNC90cWIxam9KNCtiTlU0c0hXTE43N0pmelRoR3NHN2NEdWNlSVM2Tk9hc2VtanY3OVdmamhHVXN4UUtCZ1FETQpwbHFYVE5uNjlHek9MK1Rmb3FmL2NZMjhmM2N3VXovS0FYRzRwSXF0U1ZGSXVsNEZyTnA5OG1ZT3J5U1RPTHRBCkZxWGRYeGJ2Yysza0p5dXNhaVVFT1JVMzlDNXN6bjVueHBiWHh2K0wweWF0djRSM0QrZ1BCeUtmNlliSWpZOTkKY29GUHAwU21xR1JQclljNEExNGdSclVyRmZabFVUb3hmdHlJTlJQUnl3S0JnUURoSFkvT24vRTNodmo4aHBKRQplMWNuQ2ZsV2VKWlZSdnBPQm96NCtwMVltMzZZZEQ0azBpSEh6anZUUGlBSnNGTFB5VXVTZXI0T3hpN2cvcmYvCklPVjN4bHZyNXdSRmxLYWxvWjY5azkxNm5qdWM0d2lXVzdMbGt1YWptVDhlSUszTU05MU9SL1VFcE16dFMyMHEKZ3hRMEVieTFaMlh6TWlkMEhZZTlVcTJaSmc9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==" + example: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRQ3owYnhqaytOSXNzVzMKTDBUazhZS2Rvd1UxZ0VUWUVoeWQ5d0c1M1E4VkcwOFV6cW9QVml4N0lSSXB1cDdDbG9GelErQmxwUUNoZEp1bQpoVmE1dXRjdFhXYVRId0FjRUxjc0hzdEZiZlFLcnMxempGOE1tdW1XcWo1NXdyOTVBcmJCdm1kOW9QL2hKMkRECkd1OUNmM3VzUTl2Qk1GYjJ4eXRKb2tBY1c0ME50UmgyOEhYaTRLZUFBcTIwQVF0dnVLQzd3L0Uvbkt5bmlPM08Kb3lOcEh5KzlZYW1aSDJCRi9CK0xiM2RibkZPNFVCc3JoSk5tTFhkMFBtTmNhRC9NMjJxMzlHdWRnRGNheHZFZwpTaVFRVURNTG1rb3llQUNkRzNaVnVSSlRNZGZscHI3djlocVJETVcxUlJKMEYzWWdjNmN3b0lodGdraEZHZWFtClQ5RHpaSkJyQWdNQkFBRUNnZ0VCQUpwY3lvN2t6akNESHMweEs4QXBQb29aL29lOTg5dFVPUEsxcnVxaHhLZkcKeUsxQTk2V3d3UUIyRkVSMEtvTTZkaWUvdGVzcnFRM3dyd2xVMzIwUzRsTFVJaERiaE5tUzA5dHhGK2dqQ21MOQpTZXNPTGk0QThkTGZsRUFzR1BoRmh5TnNVeVQ2UjQ0OW9vZjZJRGdDZmVVVVg1cEk1KzV5YlV1SmwrV0FCZWNrCkF4aWo1U21TNlpHUnN3L0FIMnUzYWsyTEw0a3lCbTVZd0E4cE5yR3UyTjM2TGJ0djI2aWlQUXdhSlBEeWlPaE0KcW5nUHBKd2s2MHVRb3IrK0xRdUYvN3B3Qm1XOGo3VmRhM3YwZkR6L3hiTXljVE1BRHA2b1pxcFhWRGs4Q0tSYgpiNndCa0ZxbHpwVDc0cTFyYlhrRUJFUjZaTnV5bHhmeWFoQjBGdXZDdnhFQ2dZRUE3N3BCaVcrUEJOeGg1SlBLCjNnM1JGckErYzR3WG0zU1VOTXRIL1JBenVEM01nRGlaRGZXV3FMQVQySlF6VUUwNm03NUZyNzdHa3MwWXQ3WkMKWmxCdko3a3RVSU9oS0ZxMTJqVjYrbWVJV29ka05hdGd1MmZVUGxlaDVwWGhLV1RUUHRUaTkyYWFKUG5PSWQ3UApDQ21PUjBxV1ZmcUk1LzNpaVhZOXNVRm5mVmtDZ1lFQXdBWjBRdENKcGw1SWw0QjVZWS82VXJpOUdLbXQ1MjNzCmJPNWRLRHg1RHYyU3preGZkeU5YN2FnZXBSZ3VrSGpKZ0x2anNTWnlPeEVwaThiQ3d1bTJ1MngyR0p6ektNQmgKVVdrakdTVE5JVkJKUTBhOCs3NVV3bHBJQXhqMFE1RkVMNXVEUm41NFNHN2NnRlpqRmhBTE1qT09vVUFpbk5QagptSkQ2eDFVQjcyTUNnWUVBeFIvQk9FUVZ0SWVMcjZ1Znk0eE0vSDBjUFdOYkhpZDBueHp4S3pTaGNzVE9YamtzCkVnQjZUR2ZOU2ZCRGFhcTNvTTJLL0FMQndvRUg3RGpnek1ValFlVFJVRDJNeldRWjJUN1V5d2RMWmpXaXYwY1gKR2NNOUVhNTVvT1JwNitIT213SHZTRVNFU0JkcDJ3d2Q3YlpPR20xSXhaWm44V3doVmF0MiswU3UxckVDZ1lBeApNZlliSC80RDUyZkZtSjZBUmppbGRMck5WTHMrN1VTQzY5Wmw5b2cxTlBXbGNKK01rRHQ0b1hlb2FEZVZ2N3d3CkJQTGljYTBXUU9GWjlBUDFsNWEvRVp4MzFjM2VCTnRwMWZ1dDkyV3VRVGxqeVAybHFTOWgwMnRiajhzVWZHVHgKcFcvT1laeERRbE92ZFhKUk5xOEhuM25OQ2ZkVUlsek91MlhrSjMwbGJRS0JnUUROZlV1THB5V1B2cGh0SHhTMwpaek9tbHRwM2pkNHVSQkJ6b25KZWNKSFF5N3lpY3VleFlib0RUTjRmaG5aTExoL0dCT05iOXBXK2ZLTVVkeDIxCjh0anJiZUdHengyOHNBMFBHWTMxZlA0aC9xNmY2QXdCVllUa1pkeHNJTmE4WS9EcUxYNmt5Z0VLSXliMGZLQnIKS09ldUlZYTN2cUdGUndSWXU1NTNsMmtqRHc9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg==" responses: "200": description: Certificate successfully signed content: application/json: schema: - $ref: '#/components/schemas/CertificationModel' + $ref: '#/components/schemas/CertificationResponseModel' "400": description: Given CSR or/and PK is incorrect content: @@ -82,7 +153,7 @@ paths: schema: $ref: '#/components/schemas/ErrorResponseModel' "500": - description: Something went wrong during connectiion to CMPv2 server + description: Something went wrong during connection to CMPv2 server content: application/json: schema: @@ -147,7 +218,7 @@ components: errorMessage: type: string example: "Internal server error" - CertificationModel: + CertificationResponseModel: type: object properties: certificateChain: -- 2.16.6