|
|
branko
|
17fc6250168e
|
3 months ago
|
|
|
|
|
branko
|
5c9e817249b5
|
21 months ago
|
|
GC-45: Update copyright information:
- Changes to code base were previously done in 2020 as well (based on git history).
|
|
|
branko
|
624d5e9c4b4a
|
21 months ago
|
|
GC-45: Replace freezegun with time-machine for date/time-related tests:
- The freezegun is no longer maintained, and it also does not handle timezones that well.
- The time-machine project seems to be actively maintained, and provides the same functionality.
|
|
|
branko
|
97b43a00271d
|
5 years ago
|
|
|
|
|
branko
|
a7243b9f6fd7
|
5 years ago
|
|
GC-37: Include ECDSA when testing that commands use correct key specification:
- Updated tests for server, client, and renew commands.
- Parametrised the tests so they can cover different sizes of RSA keys, as well as different elliptic curve algorithms.
|
|
|
branko
|
89d391511fdb
|
5 years ago
|
|
GC-37: Use KeyGenerator instead of generate_private_key in unit tests:
- Replaced all uses of generate_private_key with KeyGenerator invocations that explicitly request 2048-bit RSA.
|
|
|
branko
|
92e93e67b2b6
|
5 years ago
|
|
GC-37: Update status command to include relevant/correct information about ECDSA algorithms:
- Updated functional test to include case where CA hierarchy has been initialised with the ECDSA keys.
- Updated unit tests to include testing of output for entities that use ECDSA keys.
- Use the key_specification_from_public_key function to obtain information about key in use (instead of assuming it's RSA).
|
|
|
branko
|
a6c723849541
|
5 years ago
|
|
GC-37: Implement renewals with new private keys for ECDSA when previous certificate was issued using CSR:
- Added functional test that covers the scenario.
- Parametrise the unit test used to verify that new key generation follows the same key specification.
- Update test for checking if new private key gets generated to use key specification instead of key size.
|
|
|
branko
|
07ff7da6d41f
|
5 years ago
|
|
GC-37: Added support for showing key algorithms to the status command:
- Updated functional test for the status command to include a variety of key algorithms and to test for their representation in the output.
- Added unit tests.
- Updated the status command to extract key algorithm information from the issued certificates and output the information.
|
|
|
branko
|
dd7acf3d352f
|
5 years ago
|
|
GC-37: Added support for requesting custom RSA key size when renewing:
- Added functional test.
- Added unit tests.
- Updated existing functional test for renew command help to cope with addition of one more option (output lines from help changed).
- Added new CLI option for passing-in key specification, used in combination with the --new-private-key option.
- Renew command function now accepts key specification parameter. Updated existing code and tests accordingly for the new function signature.
- If key specification is not passed-in and new private key is requested, key size is extracted from existing artefacts (e.g. it does not use CA hierarchy's key size).
|
|
|
branko
|
1ef5f76a8224
|
5 years ago
|
|
GC-37: Added support for requesting custom RSA key size when issuing client certificates:
- Added functional test.
- Added unit tests.
- Added new CLI option to the client command.
- Updated the client command to use the passed-in key specification.
- Updated existing tests to cope with changes to the client command function signature.
- Fixed small typo in docstring for the server command.
- Fixed functional test for client command help that expected positional argument in a specific line.
|
|
|
branko
|
70b0277c55dc
|
5 years ago
|
|
GC-37: Added support for requesting custom RSA key size when issuing server certificates:
- Added functional test.
- Added unit tests.
- Added new CLI option to the server command.
- Updated the server command to use the passed-in key specification.
- Updated existing tests to cope with changes to the server command function signature.
|
|
|
branko
|
d52b62b9a9db
|
5 years ago
|
|
|
|
|
branko
|
de1cc2505a56
|
5 years ago
|
|
GC-37: Refactor key specification handling:
- Perform the key specification parsing within CLI module itself, don't do it via crypto module.
- Pass-in tuple consisting out of algorithm and associated parameters into the init command instead of key generator.
- Updated all tests to accommodate the change in init function signature.
- Simplify the KeyGenerator class.
- Do not test if KeyGenerator class sets the properties via constructor - it is sufficient to test string representation and key generation.
|
|
|
branko
|
52d85e47faa0
|
5 years ago
|
|
GC-37: Added support for requesting custom RSA key size when initialising the CA hierarchy:
- Added functional test.
- Added unit tests.
- Added new CLI option for specifying the algorithm.
- Implemented KeyGenerator factory-like class that can be called to generate a private key with desired specification.
- The init function now accepts a callable that is used to generate private keys.
- The generate_ca_hierarchy function now accepts a callable that is used to generate private keys.
- Updated existing unit tests to cope with changes to the init and generate_ca_hierarchy function signatures.
- Updated existing unit tests to cope with changes to existing functionality.
- Updated existing functional tests to cope with changes in command output.
|
|
|
branko
|
a08bc91f2b7d
|
5 years ago
|
|
|
|
|
branko
|
0ee05781e722
|
5 years ago
|
|
GC-37: Introduce gctmpdir fixture for reducing duplication in tests:
- Fixture can be used to initialise the temporary directory with 1-level deep Gimmecert hierarchy. It is very useful for tests that do not care about hierarchy details, while at the same time being much faster than the sample directory one.
- Fixture should not be used for testing of init/status commands (since those heavily test what the hierarchy looks like).
|
|
|
branko
|
52778a401e6e
|
6 years ago
|
|
GC-35: Freeze time when testing status command outputs:
Freezing the time will ensure the tests can be run in future without having to make modifications for issuance dates - otherwise the tests will fail because certificates will be reported as expired.
|
|
|
branko
|
6eaac492b941
|
8 years ago
|
|
GC-23: Removed option to update DNS names from server command:
- Removed functional test.
- Dropped the option from CLI.
- Dropped the option from command function implementation.
- Updating code for new command function signature.
- Updated existing unit tests.
- Removed unneeded unit tests.
|
|
|
branko
|
cdda72ee4c8a
|
8 years ago
|
|
|
|
|
branko
|
035fb09894ef
|
8 years ago
|
|
GC-23: Implemented option for updating DNS names for renew command:
- Added functional test covering the new functionality.
- Implemented ability to accept new DNS names in the renew command.
- Updated existing unit tests for new function signature.
- Added unit tests covering the new functionality.
|
|
|
branko
|
10f853e85ad2
|
8 years ago
|
|
GC-22: Updated status command to display path to CSR if certificate was issued using CSR:
- Updated the existing functional test for validating output from the status command on an initialised directory.
- Updated status command to check for existence of private key or CSR, and display appropriate message and path to it.
- Updated unit tests covering the status command output.
|
|
|
branko
|
21280594890a
|
8 years ago
|
|
GC-22: Updated renew command to allow reading of CSR from stdin:
- Implemented functional test covering reading of CSR from stdin for the renew command.
- Updated renew command CLI help.
- Updated renew command to read CSR from stdin if passed-in path is set to '-'.
- Implemented relevant unit tests.
|
|
|
branko
|
3df373672d38
|
8 years ago
|
|
GC-22: Updated client command to allow reading of CSR from stdin:
- Implemented functional test covering reading of CSR from stdin for the client command.
- Updated client command CLI help.
- Updated client command to read CSR from stdin if passed-in path is set to '-'.
- Implemented relevant unit tests.
|
|
|
branko
|
a1219ebc2188
|
8 years ago
|
|
GC-22: Updated server command to allow reading of CSR from stdin:
- Implemented an additional helper for functional tests for running interactive commands.
- Implemented functional test covering passing-in CSR to the server command via stdin (interactively).
- Updated server command implementation.
- Implemented utility function for reading input from user.
- Implemented utility function for reading CSR from string (in OpenSSL-style PEM format).
- Fixed some missing imports in the custom pytest fixture.
- Implemented relevant unit tests.
|
|
|
branko
|
8baa52d128f9
|
8 years ago
|
|
GC-22: Server command should refuse to update DNS names if custom CSR was passed-in as well:
- Passing-in the custom CSR means the user wants to create a new entity. Therefore, the case where update of DNS name has been requested in conjunction with passing the CSR, and certificate has already been issued, we need to fail.
|
|
|
branko
|
fec20b53b9ff
|
8 years ago
|
|
GC-22: Refactored server command tests for testing output on success:
- Introduced custom pytest fixture that sets-up a small Gimmecert project.
- Introduced custom pytest fixture that sets-up private key with CSR.
- Replaced all server command tests that check the resulting output with a parametrised test. One test should actually fail, but this is a bug in implementation. Will fix in subsequent commit.
- Introduced separate tests that ensure the server private key or CSR do not get overwritten in case DNS name update is requested.
|
|
|
branko
|
7b789c8b5199
|
8 years ago
|
|
GC-22: Updated renew command to replace existing private key with CSR if passed-in:
- Added functional test which covers renewal of server and client certificates by generating new private key when previous certificate was issued using custom CSR.
- Replace the CSR with generated private key when renewing certificate in case where previous certificate was issued with CSR.
- Added unit tests covering new functionality.
|
|
|
branko
|
03cf2bc4fa2a
|
8 years ago
|
|
|
|
|
branko
|
ae6e41dde81c
|
8 years ago
|
|
GC-22: Updated renew command to replace existing private key with CSR if passed-in:
- Added functional test which covers renewal of server and client certificates using CSR when previous certificate was issued using private key.
- Replaced the private key with CSR when renewing certificate using CSR in case where previous certificate was issued with private key.
- Updated signature for renew command to accept path to custom CSR.
- Updated existing unit tests for new renew command signature.
- Added unit tests covering new functionality.
|
|
|
branko
|
f3bde552fc94
|
8 years ago
|
|
GC-22: Updated renew command to report correct artefact if CSR was originally used for issuing certificate:
- Added functional test for covering the scenario.
- Updated printout from the command to display path to CSR if CSR artefact was used for initial (previous) certificate issuance.
- Updated existing unit tests and implemented new ones.
|
|
|
branko
|
45c0a6805fac
|
8 years ago
|
|
GC-22: Implemented issuance of server certificates using passed-in CSR:
- Added functional test.
- Expanded server command to accept path to custom CSR file and handle it appropriately.
- Updated existing unit tests to fix command server invocation.
- Added new unit tests.
|
|
|
branko
|
72800b8d4eb3
|
8 years ago
|
|
GC-22: Make server command invocation explicit by requiring the update_dns_names argument:
- Updated the server command to require providing the update_dns_names argument. Helps with consistency to other commands.
- Updated unit tests for the server command to invoke it with correct parameters.
|
|
|
branko
|
647208f5016b
|
8 years ago
|
|
GC-22: Implemented issuance of client certificates using passed-in CSR:
- Added functional test covering the issuance of client certificate using CSR.
- Updated default value for the CSR client command option to be explicitly None.
- Updated the client command to take in the CSR as an argument and process it accordingly.
- Added helpers for generating CSR, as well as writing and reading them to/from file.
- Updated existing tests to use new signature for the client command.
- Added new unit tests for implemented functionality.
|
|
|
branko
|
79eb64a8ef2a
|
8 years ago
|
|
|
|
|
branko
|
4d880fa14dab
|
8 years ago
|
|
GC-20: Added documentation for status command and fixed output when server/client certificates have been issued:
- Updated quickstart instructions.
- Added more detailed usage instructions describing what information gets shown.
- Fixed issue with status command reporting no server/client certificates have been issued even if this is not the case.
|
|
|
branko
|
dbc7f420acad
|
8 years ago
|
|
GC-20: Updated status command to have explicit message if no server or client certificates have been issued:
- Updated the status command to inform user that no server or client certificates have been issued if so (instead of just showing empty section).
- Implemented unit tests.
|
|
|
branko
|
14738fb50670
|
8 years ago
|
|
GC-20: Implemented status command for initialised directory:
- Added functional test.
- Implemented showing CA hierarchy, server and client certificate information for initialised directories.
- Implemented helper functions for generating string representation of DNs, DNS subject alternative names, and date range.
- Return correct error when calling status command on uninitialised directory.
- Updated gitignore to exclude *.pyc from repository.
- Implemented unit tests.
|
|
|
branko
|
108dfefd1032
|
8 years ago
|
|
GC-20: Show informative message when calling status command on uninitialised directory:
- Added small function test to cover the scenario when status command is called on an uninitialised directory.
- Updated the status command implementation.
- Implemented the necessary unit tests.
|
|
|
branko
|
66963b46b7b6
|
8 years ago
|
|
GC-18: Added option for generating a new private key during certificate renewal:
- Implemented functional test for the new scenario.
- Fixed incorrect check for client certificate validity in existing functional test for client certificate renewal.
- Updated documentation to include information about generating a new private key during certificate renewal.
- Added option of generating a new private key to the renewal command.
- Updated existing code to use new signature for renewal command and function.
- Added inline function documentation for the renew command code.
- Implemented relevant unit tests that cover new option.
|
|
|
branko
|
861fc9c9d668
|
8 years ago
|
|
GC-18: Added functional renew command implementation:
- Added functional test covering the use of renew command for server and client certificates.
- Added new crypto function for renewing a certificate based on existing certificate, issuer private key, and issuer certificate.
- Fixed use of incorrect output stream in one of the existing tests for the renew command.
- Added unit tests covering new functionality.
|
|
|
branko
|
6c993789adf8
|
8 years ago
|
|
GC-18: Fail the renew command if requested entity has no certificate:
- Added functional test for scenario where renewal is requested for server or client certificate that do not exist already.
- Updated the renew command to return a new error code and show appropriate error message.
- Added unit tests.
|
|
|
branko
|
dcac57e9457b
|
8 years ago
|
|
GC-18: Error-out in case renew is called on uninitialised hierarchy:
- Added functional test for scenario.
- Implemented dummy renew command that for now just verifies the hierarchy has been initialised.
- Implemented unit tests.
|
|
|
branko
|
1d2be8bb324d
|
8 years ago
|
|
GC-19: Updated server --update-dns-names implementation to inform user about unchanged private key:
- Updated functional and unit tests.
- Updated message shown to user when using --update-dns-names server option to include information about private key remaining the same.
|
|
|
branko
|
2450d422e8af
|
8 years ago
|
|
GC-19: Added option for updating server certificate DNS names:
- Added functional test covering the new scenario.
- Added option to server command for updating DNS names for already issued certificate. Private key is kept for this purpose.
- Implemented unit tests.
- Fixed functional test related to viewing short usage instructions.
|
|
|
branko
|
6c65b997bea3
|
8 years ago
|
|
Noticket: Fixed bug with wrong output message when server command refuses to issue certificate for existing entity:
- Make sure to use the entity name in the output, and not a static string.
|
|
|
branko
|
2a18e52c9947
|
8 years ago
|
|
GC-16: Do not overwrite existing client artifacts:
- Added functional test for the scenario.
- Implemented unit tests that ensure client artifacts are not getting overwritten if they already exist.
- Added check that ensures the client certificate has not been issued previously.
|
|
|
branko
|
a6b448968a50
|
8 years ago
|
|
GC-16: Implemented issuance of client certificates:
- Added functional test covering basic issuance of client certificates.
- Replaced the dummy command implementation.
- Added new crypto function that can be used for issuing TLS client certificates.
- Implemented relevant unit tests.
|
|
|
branko
|
500f5d252fbd
|
8 years ago
|
|
GC-16: Implemented scenario for issuing client certificates when hierarchy is not initialised:
- Added functional test that checks if an error is shown to user in case the hierarchy hasn't been initialised prior to issuing a client certificate.
- Added initial dummy client command implementation.
|
|
|
branko
|
637d64ca88f7
|
8 years ago
|
|
GC-17: Removed redundant tests, cleaned-up tests for commands module and fixed wrong directory used for outputting server artifacts in server command:
- Removed CLI tests that check if command errors-out in case the hierarchy has already been initialised (for init command) or has not been initialised (for server command). These are part of commands module tests already.
- Removed unnecessary changing of directory within the commands tests.
- Fixed issue where server artifacts paths are not calculated correctly when writing them out (parent directory was not part of path).
|
|
|
branko
|
5a9a3eede117
|
8 years ago
|
|
GC-17: Refactored calls to help and usage printing functions:
- Introduced distinct help/usage functions in commands module.
- Wrap the help/usage in similar way to existing commands.
- Added unit tests for new commands and their invocation from CLI.
|
|
|
branko
|
332380e47daf
|
8 years ago
|
|
GC-17: Refactored server command to handle output and return exit code:
- Updated server command to return just a status code.
- Updated existing code and tests that call out to the server command to use correct function signature.
- Moved output from cli module to commands module.
- Updated existing tests for the server command to test for output being produced in correct streams.
|
|
|
branko
|
84ba90064e85
|
8 years ago
|
|
GC-17: Refactored init command to handle output and return exit code:
- Introduced a holder class for command exit codes.
- Moved output for the cli module to commands module.
- Implemented new tests for verifying the command output.
- Updated existing tests for verifying return value of command output.
- Updated existing code and tests to use the new signature for init command.
|
|
|
branko
|
407076b32362
|
8 years ago
|
|
GC-15: Prevent server command from overwriting artifacts and clean-up incorrect CLI tests:
- Added functional test for scenario where a server certificate has already been issued.
- Updated server certificate issuance command not to overwrite the artifacts.
- Fixed a couple of both server and init tests related to CLI parsing to not create artifacts unless necessary, and if necessary to create artifacts in temporary (test) directory. Otherwise intermittent failures will happen.
|
|
|
branko
|
1d67951da5af
|
8 years ago
|
|
GC-15: Implemented functionality for including extra DNS names in server certificates:
- Added functional test covering the new scenario.
- Updated invocations of relevant commands in existing code to pass-in the list of extra DNS names where appropriate.
- Updated server command and high-level function for issuing server certificates to accept list of additional DNS subject alternative names to include in certificate.
- Fixed existing unit tests.
- Added additional unit tests that cover the new function.
|
|
|
branko
|
7a2919409da2
|
8 years ago
|
|
GC-15: Implemented functionality for issuing a server certificate:
- Added functional test covering the user scenario.
- Updated CLI implementation to show user message about issued server artifacts.
- Implemented functionality in the server command.
- Fixed a small typo in docstring for issue_certificate function.
- Implemented high-level crypto function for issuing server certificates.
- Implemented additional storage functions for reading an entire CA hierarchy, individual private keys, and individual certificates.
- Implemented the necessary unit tests covering newly implemented code.
|
|
|
branko
|
988ac40d5cec
|
8 years ago
|
|
GC-15: Implemented scenario for server certificate issuance where user has not initialised the CA hierarchy:
- Added functional test that tests if correct error is shown to user in case he/she has not initialised the CA hierarchy.
- Introduced new function to check if storage is initialised.
- Added initial simplified server command implementation.
|
|
|
branko
|
11712c273c16
|
8 years ago
|
|
GC-3: Implement option for specifying CA hierarchy depth during initialisation:
- Minor fix for option checks to make them more reliable (for short flags).
- Added functional test for initialising a CA hierarchy with custom depth.
- Added option for specifying the CA hierarchy depth (defaults to 1).
- Updated the init command to accept and process the CA hierarchy depth option correctly.
- Updated function used for issuing certificates to accept list of extensions to be added to certificate.
- Updated function used for generating the CA hierarchy to add the CA basic constraint extension.
|
|
|
branko
|
f2df385b1493
|
8 years ago
|
|
GC-3: Added ability to provide custom CA base name to init command:
- Added functional test to cover the new scenario (providing CA base name).
- Updated init command to accept the CA base name to be used when constructing the CA subject DN.
- Updated the existing tests to pass-in the CA base name explicitly.
- Updated the CLI code to allow for user to pass-in the CA base name via option (both short and long form available).
|
|
|
branko
|
4d0bacead6e2
|
8 years ago
|
|
GC-3: Updated init command to avoid errors and overwrites on already initialised directories:
- Added functional test covering the scenario where user has already initialised the directory and is re-running the tool.
- Updated the init command to return status based on whether the directory is already initialised or not.
- Implemented unit tests.
|
|
|
branko
|
130684592129
|
8 years ago
|
|
GC-3: Refactored main functionality of the init command into separate function:
- Introduced a new module (commands) where the majority of command implementation should reside.
- The cli module should now be a thin wrapper around commands, in charge of processing input system arguments.
- Refactored the tests accordingly.
|