Test client CA certificate install and delete
Resolves openbmc/openbmc-test-automation#1475
Change-Id: I2e52f232728c6e10fb4f1014e2d83b4c27bd5953
Signed-off-by: Rahul Maheshwari <rahulmaheshwari@in.ibm.com>
diff --git a/data/variables.py b/data/variables.py
index d4d84ac..8c9ce19 100755
--- a/data/variables.py
+++ b/data/variables.py
@@ -147,7 +147,7 @@
# Certificate variables.
SERVER_CERTIFICATE_URI = OPENBMC_BASE_URI + 'certs/server/https'
CLIENT_CERTIFICATE_URI = OPENBMC_BASE_URI + 'certs/client/ldap'
-
+CA_CERTIFICATE_URI = OPENBMC_BASE_URI + 'certs/authority/ldap'
'''
QEMU HTTPS variable:
diff --git a/lib/certificate_utils.robot b/lib/certificate_utils.robot
index 942d722..54fb9db 100755
--- a/lib/certificate_utils.robot
+++ b/lib/certificate_utils.robot
@@ -56,12 +56,17 @@
[Return] ${result}
-Get Client Certificate File Content From BMC
- [Documentation] Get client certificate file content from BMC.
+Get Certificate File Content From BMC
+ [Documentation] Get required certificate file content from BMC.
+ [Arguments] ${cert_type}=Client
- ${certificate} ${stderr} ${rc}= BMC Execute Command
- ... cat /etc/nslcd/certs/cert.pem
- Should Be Equal ${rc} ${0} msg=${stderr}
+ # Description of argument(s):
+ # cert_type Certificate type (e.g. "Client" or "CA").
+
+ ${certificate} ${stderr} ${rc}= Run Keyword If '${cert_type}' == 'Client'
+ ... BMC Execute Command cat /etc/nslcd/certs/cert.pem
+ ... ELSE IF '${cert_type}' == 'CA'
+ ... BMC Execute Command cat /etc/ssl/certs/Root-CA.pem
[Return] ${certificate}
@@ -109,6 +114,13 @@
... Remove String ${file_content} ${cert_content} ${private_key_content}
... ELSE IF '${cert_format}' == 'Expired Certificate'
... OperatingSystem.Get File ${EXECDIR}${/}${cert_dir_name}${/}cert.pem
+ ... ELSE IF '${cert_format}' == 'Valid Certificate'
+ ... Remove String ${file_content} ${private_key_content}
+ ... -----BEGIN PRIVATE KEY----- -----END PRIVATE KEY-----
+ ... ELSE IF '${cert_format}' == 'Empty Certificate'
+ ... Remove String ${file_content} ${cert_content}
+ ... ${private_key_content} -----BEGIN PRIVATE KEY-----
+ ... -----END PRIVATE KEY-----
${random_name}= Generate Random String 8
${cert_name}= Catenate SEPARATOR= ${random_name} .pem
diff --git a/tests/test_certificate.robot b/tests/test_certificate.robot
index fbb3752..7ade544 100755
--- a/tests/test_certificate.robot
+++ b/tests/test_certificate.robot
@@ -109,6 +109,24 @@
Client Expired Certificate error
+Test CA Certificate Install With Valid Certificate
+ [Documentation] Test CA certificate install with valid certificate.
+ [Tags] Test_CA_Certificate_Install_With_Valid_Certificate
+ [Template] Certificate Install Via REST
+
+ # Certificate type Certificate file format Expected Status
+ CA Valid Certificate ok
+
+
+Test CA Certificate Install With Empty Certificate
+ [Documentation] Test CA certificate install with empty certificate.
+ [Tags] Test_CA_Certificate_Install_With_Empty_Certificate
+ [Template] Certificate Install Via REST
+
+ # Certificate type Certificate file format Expected Status
+ CA Empty Certificate error
+
+
Test Delete Server Certificate
[Documentation] Delete server certificate and verify.
[Tags] Test_Delete_Server_Certificate
@@ -146,11 +164,34 @@
Sleep 30s
${msg}= Run Keyword And Expect Error *
- ... Get Client Certificate File Content From BMC
+ ... Get Certificate File Content From BMC Client
Should Contain ${msg} No such file or directory ignore_case=True
+Test Delete CA Certificate
+ [Documentation] Delete CA certificate and verify.
+ [Tags] Test_Delete_CA_Certificate
+
+ ${cert_file_path}= Generate Certificate File Via Openssl
+ ... Valid Certificate
+ ${file_data}= OperatingSystem.Get Binary File ${cert_file_path}
+ ${cert_file_content}= OperatingSystem.Get File ${cert_file_path}
+
+ Install Certificate File On BMC ${CA_CERTIFICATE_URI}
+ ... data=${file_data}
+
+ OpenBMC Delete Request ${CA_CERTIFICATE_URI}
+ # Adding delay after certificate deletion.
+ Sleep 30s
+
+ ${msg}= Run Keyword And Expect Error *
+ ... Get Certificate File Content From BMC CA
+
+ Should Contain ${msg} No such file or directory ignore_case=True
+
+
+
Test Continuous Server Certificate Install
[Documentation] Stress server certificate installtion.
[Tags] Test_Continuous_Server_Certificate_Install
@@ -192,6 +233,9 @@
... ELSE IF '${cert_type}' == 'Client'
... Install Certificate File On BMC ${CLIENT_CERTIFICATE_URI}
... ${expected_status} ${1} data=${file_data}
+ ... ELSE IF '${cert_type}' == 'CA'
+ ... Install Certificate File On BMC ${CA_CERTIFICATE_URI}
+ ... ${expected_status} ${1} data=${file_data}
# Adding delay after certificate installation.
sleep 10s
@@ -201,7 +245,9 @@
${bmc_cert_content}= Run Keyword If '${cert_type}' == 'Server'
... Get Certificate Content From BMC Via Openssl
... ELSE IF '${cert_type}' == 'Client'
- ... Get Client Certificate File Content From BMC
+ ... Get Certificate File Content From BMC Client
+ ... ELSE IF '${cert_type}' == 'CA'
+ ... Get Certificate File Content From BMC CA
Run Keyword if '${expected_status}' == 'ok'
... Should Contain ${cert_file_content} ${bmc_cert_content}