Add certficate csr test cases Change-Id: I342f5cf328884c5aafeef41b4ab78f9302309bac Signed-off-by: manashsarma <manashsarma@in.ibm.com>

commit: e12c8479cf58960207927b605c440aa947632a95 [log] [tgz]
author: manashsarma <manashsarma@in.ibm.com> Fri Jul 24 07:15:47 2020 -0500
committer: George Keishing <gkeishin@in.ibm.com> Thu Jul 30 09:18:22 2020 +0000
tree: da8ac734905c49cb61de776b37d759e213960fec
parent: 68f985b351f420114a6349b674fd833b3259eaab [diff]
diff --git a/redfish/dmtf_tools/test_redfishtool_certificate.robot b/redfish/dmtf_tools/test_redfishtool_certificate.robot
index 65ae4ab..cf85cc5 100644
--- a/redfish/dmtf_tools/test_redfishtool_certificate.robot
+++ b/redfish/dmtf_tools/test_redfishtool_certificate.robot

@@ -21,6 +21,7 @@
 ${root_cmd_args} =  SEPARATOR=
 ...  redfishtool raw -r ${OPENBMC_HOST} -u ${OPENBMC_USERNAME} -p ${OPENBMC_PASSWORD} -S Always
 
+${invalid_value}  abc
 
 *** Test Cases ***
 
@@ -149,9 +150,95 @@
 
     Wait Until Keyword Succeeds  2 mins  15 secs  Verify Certificate Visible Via OpenSSL  ${cert_file_path}
 
+
+Verify CSR Generation For Server Certificate
+    [Documentation]  Verify CSR generation for server certificate.
+    [Tags]  Verify_CSR_Generation_For_Server_Certificate
+    [Template]  Generate CSR Via Redfishtool
+
+    # csr_type  key_pair_algorithm  key_bit_length  key_curv_id  expected_status
+    Server      RSA                 ${2048}         ${EMPTY}     ok
+    Server      EC                  ${EMPTY}        prime256v1   ok
+    Server      EC                  ${EMPTY}        secp521r1    ok
+    Server      EC                  ${EMPTY}        secp384r1    ok
+
+
+Verify CSR Generation For Client Certificate
+    [Documentation]  Verify CSR generation for client certificate.
+    [Tags]  Verify_CSR_Generation_For_Client_Certificate
+    [Template]  Generate CSR Via Redfishtool
+
+    # csr_type  key_pair_algorithm  key_bit_length  key_curv_id  expected_status
+    Client      RSA                 ${2048}         ${EMPTY}     ok
+    Client      EC                  ${EMPTY}        prime256v1   ok
+    Client      EC                  ${EMPTY}        secp521r1    ok
+    Client      EC                  ${EMPTY}        secp384r1    ok
+
+
+Verify CSR Generation For Server Certificate With Invalid Value
+    [Documentation]  Verify error while generating CSR for server certificate with invalid value.
+    [Tags]  Verify_CSR_Generation_For_Server_Certificate_With_Invalid_Value
+    [Template]  Generate CSR Via Redfishtool
+
+    # csr_type  key_pair_algorithm  key_bit_length    key_curv_id       expected_status
+    Server      ${invalid_value}    ${2048}           prime256v1        error
+    Server      RAS                 ${invalid_value}  ${EMPTY}          error
+
+
+Verify CSR Generation For Client Certificate With Invalid Value
+    [Documentation]  Verify error while generating CSR for client certificate with invalid value.
+    [Tags]  Verify_CSR_Generation_For_Client_Certificate_With_Invalid_Value
+    [Template]  Generate CSR Via Redfishtool
+
+    Client      ${invalid_value}    ${2048}           prime256v1        error
+    Client      RSA                 ${invalid_value}  ${EMPTY}          error
+
 *** Keywords ***
 
 
+Generate CSR Via Redfishtool
+    [Documentation]  Generate CSR using Redfish.
+    [Arguments]  ${cert_type}  ${key_pair_algorithm}  ${key_bit_length}  ${key_curv_id}  ${expected_status}
+
+    # Description of argument(s):
+    # cert_type           Certificate type ("Server" or "Client").
+    # key_pair_algorithm  CSR key pair algorithm ("EC" or "RSA").
+    # key_bit_length      CSR key bit length ("2048").
+    # key_curv_id         CSR key curv id ("prime256v1" or "secp521r1" or "secp384r1").
+    # expected_status     Expected status of certificate replace Redfishtool request ("ok" or "error").
+
+    ${certificate_uri}=  Set Variable If
+    ...  '${cert_type}' == 'Server'  ${REDFISH_HTTPS_CERTIFICATE_URI}/
+    ...  '${cert_type}' == 'Client'  ${REDFISH_LDAP_CERTIFICATE_URI}/
+
+    ${certificate_dict}=  Create Dictionary  @odata.id=${certificate_uri}
+
+    ${csr_dict}=  Create Dictionary  City=Austin  CertificateCollection=${certificate_dict}
+    ...  CommonName=${OPENBMC_HOST}  Country=US  Organization=IBM
+    ...  OrganizationalUnit=ISL  State=AU  KeyBitLength=${key_bit_length}
+    ...  KeyPairAlgorithm=${key_pair_algorithm}  KeyCurveId=${key_curv_id}
+
+    # Remove not applicable field for CSR generation.
+    Run Keyword If  '${key_pair_algorithm}' == 'EC'  Remove From Dictionary  ${csr_dict}  KeyBitLength
+    ...  ELSE IF  '${key_pair_algorithm}' == 'RSA'  Remove From Dictionary  ${csr_dict}  KeyCurveId
+
+    ${expected_resp}=  Set Variable If  '${expected_status}' == 'ok'  ${HTTP_OK}
+    ...  '${expected_status}' == 'error'  ${HTTP_BAD_REQUEST}
+
+    ${string}=  Convert To String  ${csr_dict}
+
+    ${string2}=  Replace String  ${string}   '  "
+
+    ${payload}=  Set Variable  '${string2}'
+
+    ${response}=  Redfishtool Post
+    ...  ${payload}  /redfish/v1/CertificateService/Actions/CertificateService.GenerateCSR
+    ...  expected_error=${expected_resp}
+
+    # Delay added between two CSR generation request.
+    Sleep  5s
+
+
 Verify Redfishtool Install Certificate
     [Documentation]  Install and verify certificate using Redfishtool.
     [Arguments]  ${cert_type}  ${cert_format}  ${expected_status}  ${delete_cert}=${True}
commit	e12c8479cf58960207927b605c440aa947632a95	[log] [tgz]
author	manashsarma <manashsarma@in.ibm.com>	Fri Jul 24 07:15:47 2020 -0500
committer	George Keishing <gkeishin@in.ibm.com>	Thu Jul 30 09:18:22 2020 +0000
tree	da8ac734905c49cb61de776b37d759e213960fec
parent	68f985b351f420114a6349b674fd833b3259eaab [diff]