Add certficate csr test cases
Change-Id: I342f5cf328884c5aafeef41b4ab78f9302309bac
Signed-off-by: manashsarma <manashsarma@in.ibm.com>
diff --git a/redfish/dmtf_tools/test_redfishtool_certificate.robot b/redfish/dmtf_tools/test_redfishtool_certificate.robot
index 65ae4ab..cf85cc5 100644
--- a/redfish/dmtf_tools/test_redfishtool_certificate.robot
+++ b/redfish/dmtf_tools/test_redfishtool_certificate.robot
@@ -21,6 +21,7 @@
${root_cmd_args} = SEPARATOR=
... redfishtool raw -r ${OPENBMC_HOST} -u ${OPENBMC_USERNAME} -p ${OPENBMC_PASSWORD} -S Always
+${invalid_value} abc
*** Test Cases ***
@@ -149,9 +150,95 @@
Wait Until Keyword Succeeds 2 mins 15 secs Verify Certificate Visible Via OpenSSL ${cert_file_path}
+
+Verify CSR Generation For Server Certificate
+ [Documentation] Verify CSR generation for server certificate.
+ [Tags] Verify_CSR_Generation_For_Server_Certificate
+ [Template] Generate CSR Via Redfishtool
+
+ # csr_type key_pair_algorithm key_bit_length key_curv_id expected_status
+ Server RSA ${2048} ${EMPTY} ok
+ Server EC ${EMPTY} prime256v1 ok
+ Server EC ${EMPTY} secp521r1 ok
+ Server EC ${EMPTY} secp384r1 ok
+
+
+Verify CSR Generation For Client Certificate
+ [Documentation] Verify CSR generation for client certificate.
+ [Tags] Verify_CSR_Generation_For_Client_Certificate
+ [Template] Generate CSR Via Redfishtool
+
+ # csr_type key_pair_algorithm key_bit_length key_curv_id expected_status
+ Client RSA ${2048} ${EMPTY} ok
+ Client EC ${EMPTY} prime256v1 ok
+ Client EC ${EMPTY} secp521r1 ok
+ Client EC ${EMPTY} secp384r1 ok
+
+
+Verify CSR Generation For Server Certificate With Invalid Value
+ [Documentation] Verify error while generating CSR for server certificate with invalid value.
+ [Tags] Verify_CSR_Generation_For_Server_Certificate_With_Invalid_Value
+ [Template] Generate CSR Via Redfishtool
+
+ # csr_type key_pair_algorithm key_bit_length key_curv_id expected_status
+ Server ${invalid_value} ${2048} prime256v1 error
+ Server RAS ${invalid_value} ${EMPTY} error
+
+
+Verify CSR Generation For Client Certificate With Invalid Value
+ [Documentation] Verify error while generating CSR for client certificate with invalid value.
+ [Tags] Verify_CSR_Generation_For_Client_Certificate_With_Invalid_Value
+ [Template] Generate CSR Via Redfishtool
+
+ Client ${invalid_value} ${2048} prime256v1 error
+ Client RSA ${invalid_value} ${EMPTY} error
+
*** Keywords ***
+Generate CSR Via Redfishtool
+ [Documentation] Generate CSR using Redfish.
+ [Arguments] ${cert_type} ${key_pair_algorithm} ${key_bit_length} ${key_curv_id} ${expected_status}
+
+ # Description of argument(s):
+ # cert_type Certificate type ("Server" or "Client").
+ # key_pair_algorithm CSR key pair algorithm ("EC" or "RSA").
+ # key_bit_length CSR key bit length ("2048").
+ # key_curv_id CSR key curv id ("prime256v1" or "secp521r1" or "secp384r1").
+ # expected_status Expected status of certificate replace Redfishtool request ("ok" or "error").
+
+ ${certificate_uri}= Set Variable If
+ ... '${cert_type}' == 'Server' ${REDFISH_HTTPS_CERTIFICATE_URI}/
+ ... '${cert_type}' == 'Client' ${REDFISH_LDAP_CERTIFICATE_URI}/
+
+ ${certificate_dict}= Create Dictionary @odata.id=${certificate_uri}
+
+ ${csr_dict}= Create Dictionary City=Austin CertificateCollection=${certificate_dict}
+ ... CommonName=${OPENBMC_HOST} Country=US Organization=IBM
+ ... OrganizationalUnit=ISL State=AU KeyBitLength=${key_bit_length}
+ ... KeyPairAlgorithm=${key_pair_algorithm} KeyCurveId=${key_curv_id}
+
+ # Remove not applicable field for CSR generation.
+ Run Keyword If '${key_pair_algorithm}' == 'EC' Remove From Dictionary ${csr_dict} KeyBitLength
+ ... ELSE IF '${key_pair_algorithm}' == 'RSA' Remove From Dictionary ${csr_dict} KeyCurveId
+
+ ${expected_resp}= Set Variable If '${expected_status}' == 'ok' ${HTTP_OK}
+ ... '${expected_status}' == 'error' ${HTTP_BAD_REQUEST}
+
+ ${string}= Convert To String ${csr_dict}
+
+ ${string2}= Replace String ${string} ' "
+
+ ${payload}= Set Variable '${string2}'
+
+ ${response}= Redfishtool Post
+ ... ${payload} /redfish/v1/CertificateService/Actions/CertificateService.GenerateCSR
+ ... expected_error=${expected_resp}
+
+ # Delay added between two CSR generation request.
+ Sleep 5s
+
+
Verify Redfishtool Install Certificate
[Documentation] Install and verify certificate using Redfishtool.
[Arguments] ${cert_type} ${cert_format} ${expected_status} ${delete_cert}=${True}